System Roots

Question

System Roots

Within Utilities, there is Keychain Access. When click on Keychain Access, a screen comes up that has on the left hand side a heading: Keychain. Under this heading there are a number of subheadings, one with a closed lock and another with an open lock. There is one called System Roots. When I click on it a large number of items come up like: Chamber of Commerce Root, Class 1, Publication Authority, Deutsche Telekom Root CA2, Geotrust Global, Quo Vadis Root CA2, Staat der Nederlander Root CA, Turktrust, Wells Fargo Certificate Authority. These are only a small sampling. All of the items have expiration dates. Some of the dates go out to 2035. How did these items get there and does it mean that these entities have access to my computer and if they do have access, how can I get rid of them and prevent further intrusion?

21.5",3.06GHz,Intel Core 2Duo,4GB Ram, Mac OS X (10.6.5)

Posted on Nov 16, 2010 5:12 PM

Reply

Answer 1

MartinR

Level 7

24,420 points

Nov 17, 2010 7:31 AM in response to Edward Boghosian

These are normal Certificates that are installed with OS X. They are part of what is known as a public key infrastructure and their purpose is to enable OS X to validate that various entities that you may access (usually via the web) are actually who they say they are and can be trusted. They are used to bind together a public encryption key with an associated identity - and that they are are valid and belong to each other. There is much more to it, but that is basically what they are.

They do not allow the listed entities to access your computer. Do not remove them.

Reply

Answer 2

rkaufmann87

Level 10

148,494 points

Nov 16, 2010 5:28 PM in response to Edward Boghosian

Edward,

A good place to start is to find learn what KeyChain Access is:

http://www.macworld.com/article/40403/2004/10/workingmac.html

I suspect that the organizations you either may do business with directly or are organizations you do business with indirectly. To make a very long story short you are not being intruded upon, if anything it's the exact opposite, you may have the ability to intrude on them.

Reply

Answer 3

Nov 16, 2010 6:50 PM in response to rkaufmann87

rkaufman:

Read the article and checked through Roots part of Keychain Access in more detail. Conclusion: I e-mailed the author of the article you referenced requesting more information about Certification. I hope he responds because there is a lot I don't understand. I don't have any recollection bringing up many of the items(companies?) that are there and I'm really curious or suspicious on how they got there.

Reply

Answer 4

rkaufmann87

Level 10

148,494 points

Nov 16, 2010 7:17 PM in response to Edward Boghosian

I hope he writes back, perhaps he has much more knowledge.

My wild guess is the reason they're there is because they're somehow affiliated with other web sites you visit. For example if you had an investment account with B of A and one of those investments is a mutual fund made up of 30 different investments B of A in order to provide you information has to get information from each of those 30 different investments. So lets say you decide you want to see how that mutual fund is performing and you want the most up to date information as possible. Because B of A is managing that mutual fund it has to have instant access to each of those 30 investments do some pretty quick calculations and provide you with the information you want. In order for them to get the most current info they're opening a portal with each of those companies and collecting information, calculating it and finally providing it you. While you never directly see those accounts because B of A has made their user interface such that you don't have to. OS X is extremely secure and it collects that information for you in the keychain so that when you want information quickly you can get it.

Hope this makes sense!

Reply