Importing root certificates in Vista

Hi all. I was trying to import a root certificate into Vista. I've
observed that when the automatic certificate store selection (my OS is
in Spanish, sorry if it isn't exactly) option in activated, the cert
is stored into intermediate CAs store and not into root certificates
store. Windows XP doesn't present this behaviour. I've finally
selected the store manually.

Do you know why this feature has been implemented like this? It's just
curiosity...

Thanks in advance,

Juan.

Yes, it was implemented this way in Vista.

"Juan Segarra" <juan.segarra@gmail.com> wrote in message
news:1177257357.616217.252180@b75g2000hsg.googlegroups.com...
> Hi all. I was trying to import a root certificate into Vista. I've
> observed that when the automatic certificate store selection (my OS is
> in Spanish, sorry if it isn't exactly) option in activated, the cert
> is stored into intermediate CAs store and not into root certificates
> store. Windows XP doesn't present this behaviour. I've finally
> selected the store manually.
>
> Do you know why this feature has been implemented like this? It's just
> curiosity...
>
> Thanks in advance,
>
> Juan.
>

Ok... but why a root certificate "has to live" (by default) into the
intermediate store? That's what i don't understand... is there any
security issue related with this behaviour? That's what i really mean
with my question. Sorry, but my English is really, really ugly :-P

Thanks in advance :-)


On 24 abr, 00:29, "Haitao Li" <lht1999 [at] hotmail.com> wrote:
> Yes, it was implemented this way in Vista.
>
> "Juan Segarra" <juan.sega...@gmail.com> wrote in messagenews:1177257357.616217.252180@b75g2000hsg.googlegroups.com...
>
> > Hi all. I was trying to import arootcertificate into Vista. I've
> > observed that when the automatic certificate store selection (my OS is
> > in Spanish, sorry if it isn't exactly) option in activated, thecert
> > is stored into intermediate CAs store and not intorootcertificates
> > store. Windows XP doesn't present this behaviour. I've finally
> > selected the store manually.
>
> > Do you know why this feature has been implemented like this? It's just
> > curiosity...
>
> > Thanks in advance,
>
> > Juan.

On 3 May 2007 12:05:44 -0700, Juan Segarra wrote:

> Ok... but why a root certificate "has to live" (by default) into the
> intermediate store? That's what i don't understand... is there any
> security issue related with this behaviour? That's what i really mean
> with my question. Sorry, but my English is really, really ugly :-P
>
> Thanks in advance :-)
>
>
> On 24 abr, 00:29, "Haitao Li" <lht1999 [at] hotmail.com> wrote:
>> Yes, it was implemented this way in Vista.
>>
>> "Juan Segarra" <juan.sega...@gmail.com> wrote in messagenews:1177257357.616217.252180@b75g2000hsg.googlegroups.com...
>>
>>> Hi all. I was trying to import arootcertificate into Vista. I've
>>> observed that when the automatic certificate store selection (my OS is
>>> in Spanish, sorry if it isn't exactly) option in activated, thecert
>>> is stored into intermediate CAs store and not intorootcertificates
>>> store. Windows XP doesn't present this behaviour. I've finally
>>> selected the store manually.
>>
>>> Do you know why this feature has been implemented like this? It's just
>>> curiosity...
>>
>>> Thanks in advance,
>>
>>> Juan.

It is a protection mechanism to prevent users from accidentally adding
trusted root store certificates. Once added, implicit trust is established.
Brian

Thanks Brian :-)

On 4 mayo, 05:10, Brian Komar <bkom...@identit.nospam.ca> wrote:

> It is a protection mechanism to prevent users from accidentally adding
> trusted root store certificates. Once added, implicit trust is established.
> Brian

Hi

I have the same problem with Vista. I try to install a CA certificate
manualy in Trusted Root Certification Authorities, but it goes in
Intermediate and not helping me to install the second certificate, which is a
client one. What should be the problem?

Thanks
Bogdan

"Brian Komar" wrote:

> On 3 May 2007 12:05:44 -0700, Juan Segarra wrote:
>
> > Ok... but why a root certificate "has to live" (by default) into the
> > intermediate store? That's what i don't understand... is there any
> > security issue related with this behaviour? That's what i really mean
> > with my question. Sorry, but my English is really, really ugly :-P
> >
> > Thanks in advance :-)
> >
> >
> > On 24 abr, 00:29, "Haitao Li" <lht1999 [at] hotmail.com> wrote:
> >> Yes, it was implemented this way in Vista.
> >>
> >> "Juan Segarra" <juan.sega...@gmail.com> wrote in messagenews:1177257357.616217.252180@b75g2000hsg.googlegroups.com...
> >>
> >>> Hi all. I was trying to import arootcertificate into Vista. I've
> >>> observed that when the automatic certificate store selection (my OS is
> >>> in Spanish, sorry if it isn't exactly) option in activated, thecert
> >>> is stored into intermediate CAs store and not intorootcertificates
> >>> store. Windows XP doesn't present this behaviour. I've finally
> >>> selected the store manually.
> >>
> >>> Do you know why this feature has been implemented like this? It's just
> >>> curiosity...
> >>
> >>> Thanks in advance,
> >>
> >>> Juan.
>
> It is a protection mechanism to prevent users from accidentally adding
> trusted root store certificates. Once added, implicit trust is established.
> Brian
>