Daniel Stenberg wrote, On 2008-07-28 09:12: > On Sat, 26 Jul 2008, Nelson Bolyard wrote: > >>> As a user of OpenSSL, NSS, yassl and GnuTLS I can certainly agree that >>> GnuTLS has flaws in its API but NSS most certainly also has flaws as well >>> _and_ notable missing features that GnuTLS offers. >> Daniel, please tell us what features are missing that you would actually use >> if they were present! > > Well, I'm a newbie in NSS land so I don't know the full story of what has > happened in your project that has lead to the results we see today. So I may > of course now step on just about every toe you have! :-) > > But an obvious example of a shortcoming is concerning support for the PEM > format for CA cert bundles and certs in general (as it is very awkward for me > to document, use and describe for users they need to change their ways if > they > happen to build my app with NSS instead of OpenSSL or GnuTLS). > > It seems we have a situation where Fedora (Redhat?) provides some special > plugin(s) for NSS that allows NSS to load and use PEM files where the > "native" > NSS doesn't. > > And of course, what some considers a feature, others may not.
NSS is quite capable of importing certificates in "PEM" format. See http://developer.mozilla.org/en/docs/NSS_Certificate_Download_Specification#Text_Formats _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
