On 01/04/2012 03:51 PM, Brian Smith wrote: > Ryan Sleevi wrote: >> IIRC, libpkix is an RFC 3280 and RFC 4158 conforming implementation, >> while non-libpkix is not. That isn't to say the primitives don't exist - >> they do, and libpkix uses them - but that the non-libpkix path doesn't use >> them presently, and some may be non-trivial work to implement. > It would be helpful to get some links to some real-world servers that would > require Firefox to do complex path building. Mostly in the government. They higher 3rd parties to replace our current path processing because it is non-conformant. In the real world, FF is basically holding the web back because we are the only major browser that is not RFC compliant! We should have had full pkix processing 5 years ago!
bob
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
