I’ve decided to embark on a small project to determine what is the smallest set of trusted root certificates I need in my day-to-day life. I have disabled all trusted CAs in both IE and Firefox and will enable the needed root certificates as I go. So far I’ve spent a week of this and have about 10 certificates, 3 of which were needed because I needed to pay my bills : ).
I will run in this mode for 30 days, at the end of which I will report how many root certificates I had to enable to allow me to go through life. In the meantime, I am tweeting every time I need to enable a CA along with the site that needed it.
It is a fun ride so far, so let’s see where it is going to take me.