Perusing Keychain Access, I see that "TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3" is listed as a trusted root certificate authority. Per this 2013 article, I understand that:
my laptop trusts anything signed by “TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı”. That’s, apparently, a Turkish government entity. Now, I’ve no particular reason to distrust them, but until a minute ago I had no idea that my computer trusted them. More concerningly, I wouldn’t really know if that certificate came built into [the OS] or just got added last week by a nasty bit of malware…
Is this normal? How should I deal with such a thing?
- Delete the certificate? (Is this even possible with S.I.P.?)
- "Untrust" the certificate?
- Is there a way to neutralize all the certificates which weren't there when the OS was first installed? (is this even a good idea?)
Of note, there are a handful of other oddly named (therefore suspicious looking to me) certificates in my Keychain Access. Per the comments to this similar question I am reticent to just start deleting/disabling certificates without a better understanding of what I am doing, how to undo any damage I might cause by deleting certificates which look suspicious or a better understanding of the security issues.
Apologies if this is too broad a question, but what is the Turkish government doing on my computer and should I get rid of the embassy they've installed in my computer?
I am particularly leery, as apparently there is a "Turkish Crime Family" making threats about Apple accounts which they are claiming will happen this April 7, 2017.
FWIW: macOS Sierra 10.12.4, mid-2012 MacBook Air
