Dongsung Kim Sigh... i.imgur.com/4gC1RY...

Martijn I'm not sure I see the problem here?

Dongsung Kim The issuer of the root CA is Government of Korea, thus never being trusted by any web browser (except for IE.) Besides the fact that I don't trust them one single bit - wiki.mozilla.org/C... - they just are so willing to remove the warning(!) bugzilla.mozilla.o...

Martijn I can actually come up with several legit reasons for a government to run their own CA. Governments are moving communications about important and personal things like healthcare online, and having these services encrypted with government signed certificates are a very good way of handling things. The real problem is that underlying CA structure where any root CA can MITM any website. Running add-ons like CertWatch, Certificate Patrol, and the Perspective Project can mitigate this, but not for average users.

Mark Dain I don't think that was the issue here; it's fine to have your own CA (I do) but when you don't include the CA on any browser but IE it seems like vendor lock-in.

Martijn I understood @kidding to not want this CA accepted in any browser, as he doesn't rust them