SSLCop v1.0 – Blocking CAs Released
SSLCop is a hardening tool that can block those CAs you don’t need, based in their geographical procedence. You can disable CAs sorted from countries and leave only those which make sense to you.
Currently we support Windows (Explorer / Chrome) in the future we would support Firefox and Linux.
The problem in current PKI model is every CA identified as “trusted” (regardless being big and famous) is able to issue valid certificates for whatever Internet domain (this applies to Google, Facebook or your online bank site).
So, do you really need to trust all those CAs? In our opinion: no, you don’t have to trust in such big amount of CAs. Likely, you only need to trust in a few big and well-known CAs and, depending your country, your local CAs.
More information: here
Download SSLCop v1.0
Thank you Yago Jesus, for sharing this tools with us.