Hi Rick, Would there be any problem with Verisign making a formal inclusion request for the root(s) in question?
Andrews, Rick wrote: > Eddy, > > Yes, I think we need to include the new EV root in NSS, as well as our > older PCA3 root. Web servers still need to be configured with the > intermediate and cross-signed certs so that older browsers that only > know about the older PCA3 root see the EV cert as chaining up to that > trusted root. FF3, if it has the new root in it, should ignore the > cross-cert and conclude that the intermediate CA chains up to the new > EV root. > > -Rick -- Regards Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org> Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]> Blog: Join the Revolution! <http://blog.startcom.org> Phone: +1.213.341.0390 _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
