> > I can not simply, they could be fake, and there > > is no establishment of trust, especially if the > > keystore component is written by Microsoft. > > Why are keystore components written by Microsoft peculiarly unworthy of > trust? The procedures used to determine the list of certification authorities in Windows XP, Internet Explorer and other Microsoft products are documented at: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur ity/news/rootcert.asp -- Christian Huitema