Ah, I see. From what I can see in the RFC, this usage is not really forbidden, but not really standard either. Generalizing my question, what kind of X509v3 extensions that NSS currently support? I am aware that CA often use these extensions in less-than-standard ways :)
Peter On Jul 23, 11:28 am, Eddy Nigg <[EMAIL PROTECTED]> wrote: > Eddy Nigg: > > > IE fetches CA certificates on its own if a service URL of the CA issues > > /issues/issuer/ > > -- > Regards > > Signer: Eddy Nigg, StartCom Ltd. > Jabber: [EMAIL PROTECTED] > Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
