Currently all protocols have a way of transmitting the necessary intermediate certificates, and mozilla products depends on these protocols.
Automatic fetching is a PKIX feature, and is targeted for NSS 3.12.
bob Anders Rundgren wrote:
The following 3-level certificate hierachy works as expected when looking on it in MSIE: Root certificate: http://webpki.org/mozbug/root.cer (to be imported) Actual CA certificate: http://webpki.org/mozbug/cacert.cer (NOT to be imported since the EE cert's AIA CAissuers URI points to this) EE certificate and private key: http://webpki.org/mozbug/anders.p12 (Import and use password "testing") Using Mozilla FF (latest release on Windows) the built-in certificate viewer says that the EE cert is untrusted even though Root was imported and edited as trusted. Are there any known problems with path building in the certificate viewer? I don't use Thunderbird so I could not tesr with e-mail. Anders _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
