The Value of Public Roots
- If browser does not trust the root used to sign a certificate, the browser will NOT establish an SSL session
- If using a private hierarchy, must distribute roots to all browsers IN ADVANCE
- VeriSign roots are trusted by 98% of all browsers
List of trusted roots in Netscape Browser