
Very new here and have a few questions about CAs

peedsllab
Making moves

I've been researching phone security just as a bit of a "hobby" recently and CA certificates are definitely involved and not discussed as much as I think they warrant having knowledge about. I have a couple attachments here. That being said, I found a discussion here from 2 years ago regarding the distrust of a CA: https://bugzilla.mozilla.org/show_bug.cgi?id=1708307

 

The screenshot I attached seems to be exactly the same. I found this on my S22 that I bought used, wiped the cache, and did a factory reset a couple weeks ago so shouldn't this be gone completely from my system even if it doesn't technically expire until next year? I ended up finding 10 in total from various entities and some had expired 2 or 3 years ago. Shouldn't unaware people be notified about disabling them as a security precaution? Any insight and feedback would be greatly appreciated. Thanks.

2 REPLIES

Beniganim
Making moves

Bien iiiiiiii

lintaglenn
Making moves

@peedsllab wrote:

I've been researching phone security just as a bit of a "hobby" recently and CA certificates are definitely involved and not discussed as much as I think they warrant having knowledge about. I have a couple attachments here. That being said, I found a discussion here from 2 years ago regarding the distrust of a CA: https://bugzilla.mozilla.org/show_bug.cgi?id=1708307

 

The screenshot I attached seems to be exactly the same. I found this on my S22 that I bought used, wiped the cache, and did a factory reset a couple weeks ago so shouldn't this be gone completely from my system even if it doesn't technically expire until next year? I ended up finding 10 in total from various entities and some had expired 2 or 3 years ago. Shouldn't unaware people be notified about disabling them as a security precaution? Any insight and feedback would be greatly appreciated. Thanks.


I also have the same question because I recently started learning more about phone security and certificates, and I noticed some strange CA certificates on my device as well. Even after doing a factory reset, I was surprised to still see certificates that looked old or expired, so I’m confused about whether this is normal Android behavior or something users should actually be concerned about.

It also seems like most regular users would never notice these certificates or understand what they mean, which feels like a potential security risk. I’d really appreciate if someone with more experience could explain whether these certificates are harmless system leftovers or if they should always be manually removed or disabled.