Agreed. The point I was was raising originally is why other options besides sourcing certificates from third parties are not considered. Using a Mozilla bundle is one option. Relying on hardcoded certificates in a web browser or other application is another option. IMO, these are not the only options. The "user" should have a choice.
With respect to computers and the internet, there is substantial history of problems with third party intermediaries. Deliberately excluding, or even just failing to recognise, the option for a user to eliminate a third party intermediary is highly suspect given that history, IMHO.
With respect to computers and the internet, there is substantial history of problems with third party intermediaries. Deliberately excluding, or even just failing to recognise, the option for a user to eliminate a third party intermediary is highly suspect given that history, IMHO.