On 2009-08-07 02:21 PDT, Michael Ströder wrote: > Nelson Bolyard wrote: >> On 2009-08-06 03:47, Michael Ströder wrote: >>> Eddy Nigg wrote: >>>>> Quite a while ago, I read a message from someone saying he had devised, >>>>> or was going to devise, a scheme to extract all of Mozilla's trusted root >>>>> certs from NSS and make PEM files from them, and use them as trusted >>>>> certs >>>>> in some other non-NSS-based product. >>>>> >>>>> Does anyone remember that? >>>>> Can you point me to the person(s) who did that? >>>>> I'd like to ask them about it, and maybe reuse it. >>>>> >>>> Yes, that was Curl and here the link to the page >>>> http://curl.netmirror.org/docs/caextract.html and this is the tool: >>>> http://curl.netmirror.org/docs/parse-certs.txt >>> It's about trust after all... >>> So I wonder whether there's a chance to verify the integrity of >>> http://mxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt >> Compare it to the master copy at >> http://mxr.mozilla.org/security/source/security/nss/lib/ckfw/builtins/certdata.txt > > Nelson, that's not even a HTTPS URL. > > Ciao, Michael.
OK, so do a cvs checkout over ssh instead. My point was that you can compare your source file against another. The means by which you get it is another matter. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
