Hey Guys, 

I am trying to answer some questions on Software Restriction Policies that I have. Form this link here: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh...

Under the section: Set Trusted Publishers Options

Here >> The policy settings in the Trusted Publishers tab of the certificate path validation policy allows administrators to control which certificates can be accepted as coming from a trusted publisher.

Do I set this policy settings under trusted publishers, or under Computer Configuration\Windows Settings\Security Settings, click Public Key Policies.

I don't understand what the difference is between the trusted publishers tab (of the SRP itself) and the "Trusted Publishers" under the security settings public key? 

Sorry I know its a strange question, but the documentation isn't very clear on the differences between both locations. Why is there a setting on the SRP (Itself) and in Group Policy (per the doc) ? The SRP settings DO NOT write to the security settings\Public Key Policies on the local client system. 

Thanks, 

Robert