Paul Hoffman wrote:
> At 10:00 AM +0000 3/14/07, Gervase Markham wrote:
>> Paul Hoffman wrote:
>>> A related question that I was intending to do some research on: if a
>>> trust anchor ("trusted root" in this thread) has an expiration date
>>> in the past, doe NSS still treat it as a trust anchor, or does it
>>> ignore it?
>>
>> I can't say for certain because I haven't seen the code, but I would
>> certainly hope it ignores it!
>
> I would hope that NSS *would* use this information because it is what
> the CA has asserted about itself. RFC 3280 does not require that the
> processor use this information.
I may have been unclear here. By "ignores it", I meant "ignore the
cert", not "ignore the expiration date". I believe that's the original
sense in which you used it, but I could be misreading you.
Gerv
_______________________________________________
dev-tech-crypto mailing list
[EMAIL PROTECTED]
https://lists.mozilla.org/listinfo/dev-tech-crypto
