Author: Mike Hearn 2015-01-28 17:02:15
Published on: 2015-01-28T17:02:15+00:00
The BitcoinJ software ships its own root CA certificates bundle, which could potentially leave all BitcoinJ-using software vulnerable if a root CA gets breached and a certificate is revoked. However, this is an advantage in that the Bitcoin community can decide to have different inclusion rules than OS/browser root CA programs. It also avoids problems with old operating systems not including new certs and the lack of a standardized cert/keystore API in Linux. The API makes it easy to use the platform OS store for wallet developers that want to do so, and using the platform store on Android is the default. While this is a debatable topic, reasonable people can disagree.
Updated on: 2023-06-09T15:34:12.355476+00:00