Nelson: please trust us. the product has specific design constraints. the purpose is to allow for mozilla to sit between e.g. MSIE or Acrobat Reader and a web server, analyze the stream and then do something based on it.
The only way that this works is for MSIE or whatever to *install* a certificate from this product and actively mark the I trust this well known evil certificate box. It's well documented, it's understood,. And it has nothing to do with the problem. I appreciate your general work on NSS. But I really hate the NSS team's attitude toward this certain class of questions. You didn't answer the question, but went off on a misdirected rant. Unfortunately umesh didn't explain exactly which path was taken. And umesh didn't indicate if he used the NSS debug env vars to get extra logging. Nor did umesh indicate if he had tried using ssltap in conjunction with this, or using a mozilla as the client with it configured w/ the NSS debug env vars. So I really can't get a useful picture. For most of the purposes of umesh's question, *ignore* the goal and simply worry about why the async handshake didn't work - I have no idea what he's talking about here, I haven't seen the code in over a year. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
