HA Just some pseudorandom, mildly secure thoughts... Home Currently v2.1.0 © 2015. All rights reserved. 29 Aug 2015 Did you know? The Windows Certificate Trust List (aka CTL) is the master source that determines all the root certs your system ultimately trusts by default. In contrast, good old certmgr.msc only shows a much smaller subset of that list, which it proudly claims to be your system's "Trusted Root Certification Authorities". The real deal, though, is stored behind the scenes, in an obscure format, and Windows provides no GUI to view any information about it. Starting with Windows Vista, a new AutoUpdate mechanism was added, allowing these trusted root certificates to be invisibly downloaded on first use. Why does this matter? Because the incomplete information shown by Windows leads many people (including some security professionals) to believe that Wind...