On 8/15/2011 5:14 PM, Robert Relyea wrote:
On 08/13/2011 12:30 PM, Sean Leonard wrote:
On 7/29/2011 2:21 AM, Sean Leonard wrote:
What is the procedure to validate an arbitrary extended key usage (EKU)
with NSS?
[...]
Without refreshing my memory by looking at the code, I suspect your
evaluation is correct. I don't think a patch corrects this issue would
be looked on unfavorably. I think we just haven't needed to dynamically
add additional EKU's yet. The CERT_PKIXVerifyCert has the ability to
take on new parameter types without changing it's signature, so it could
be a fixable problem...
[...]
certificateUsageCheckAllUsages will verify the cert against all the
possible usages and return the usages it found. It doesn't look like we
have a generic 'Any' usage.
Thanks much; I got it figured out now.
Best, Sean
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
