Paul,
Paul Hoffman wrote:
At 1:35 PM -0800 1/5/09, Wan-Teh Chang wrote:
On Sun, Jan 4, 2009 at 12:32 PM, Paul Hoffman <phoff...@proper.com> wrote:
I propose that Mozilla form a new mailing list, dev-policy-trustanchors. The
topics for that list would include:
- All new trust anchors being added to the Mozilla trust anchor pile
- Proposals for changes to the Mozilla trust anchor policy
- Complaints about particular participants in the current trust anchor pile
- Discussion of the UI aspects of the PKI in various Mozilla software
The first three topics are appropriate for the proposed new mailing list.
(I would use "root CAs" instead of "trust anchors" in the mailing list's
name because "trust anchors" sounds a little too technical.)
I beg to differ here. There has been a lot of discussion of allowing people to
add self-signed certs that are not CAs to their list of trusted CAs. Those
would be roots, but they would not be CAs. They are, in fact, trust anchors.
The PKI UI in mozilla clients is not just about selecting trust anchors
and using self signed cert. It has many other functions - backing
up/restoring your own certs and keys, etc.
And it's a bit difficult to separate all the the cert management from
PKCS#11 token issues since certs live in tokens by definitions.
So, I think the UI issues should remain together in this list with NSS
issues.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
