On Sun, 17 Aug 2008, Kyle Hamilton wrote: > OpenSSL does not have a root-certificate program. The official > position (from http://www.openssl.org/support/faq.html#USER16) is that > the job of OpenSSL is to create the code to make trust possible, not > dictate who to trust. > > In fact, that same FAQ entry has a pointer to an article on extracting the > certificates from Mozilla's certdata.txt. (I don't know if that file even > exists in the current source, though; if it doesn't, perhaps it might be > nice to send them a message on how to extract from the .db files?)
I'd love to read such a description. (I even host such an "extration service" that provides the Mozilla bundle as a PEM file... so yes, that file still exists!) -- / daniel.haxx.se _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
