Frank Hecker: > For the record, Entrust understands what our concern is and has been > cooperative in trying to come up with a way to address it. However the > problem is that even if Entrust were to revoke DigiNotar's intermediate > CA certificate that would not help resolve the problem, for the reason I > mentioned earlier (Firefox/Thunderbird et.al. don't do revocation checks > for CA certs). >
Perhaps Nelson can provide more information about the road map for CRL fetching, but it will be soon supported by NSS. This would solve the problem once it is. -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
