At 9:14 AM -0800 12/24/08, Kyle Hamilton wrote: >I'd like to see an extension that allows other certificates (for the >same public key) to be included in a certificate (self-signed or not).
Are you asking for a Mozilla extension or a PKIX extension? If the latter, none is needed: it is already inherent in PKIX. In fact, I am not sure that anything needs to be done by Mozilla. The following should theoretically work: - Remove all trust anchors one-by-one - Add your single trust anchor - Sign the certs of any CA you want - Add those signed certs to the pre-loaded validation path (not root) cert list I haven't tried this myself, but it should work. I have been told that something very similar to it works fine in XP/Vista for IE. --Paul Hoffman _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
