krypticmind (1369357) writes "Researcher Nasko Oskov from netsekure.org has spent 30 days trusting only 10 CA root certificates in his browser and details the findings in his blog. "It was an interesting one month and I’ve learned a bunch. The main takeaway from this experiment is that I don’t need 3 digit number of trusted CAs in my browser." This comes after previous concerns on breaking the chain of trust for certificates here (http://yro.slashdot.org/story/10/03/26/1334254/Government-Could-Forge-SSL-Certificates)."
Link to Original Source