Hi guenter -
Thanks for that. After looking more closely I suspected that's all we can do.
The full list is here
You can provide a patch for users
or build a GRE without those 200 certs
We should also disable Comodo CA, and enquire closely from Mozilla about its certificate.
This is beginning to look like "Nightmare on Elm St"
At the moment I must go with Tor and assume "no browser is secure", simply because
The Certificate Authority system as it stands today is a house of cards and we're witnessing in public what many have known for years in private. The entire system is soaked in petrol and waiting for a light.
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon 76RC, IE11, Clyton email 15.0, Foxit Reader 188.8.131.526, PaintShop Pro 6.02, Avast! 12.3.2280, SuRun 184.108.40.206, VoodooShield 3.57
Television is the first truly democratic culture -- the first culture available to everyone and entirely governed by what the people want. The most terrifying thing is what people do want. [Clive Barnes, 1969]