Le lundi 30 juillet 2012 21:37:56 UTC+2, Ridley a écrit : > I'm looking for a way to eliminate troublesome cross-certificates from > Firefox or Thunderbird, via an extension. I'm quite familiar with > successfully adding certificates, but having some difficulty in using the > APIs to remove and or distrust a certificate. > > This question applies to introduced "Software Security Device" certificates, > as well as "Builtin Object Token" certificates that are bundled with Firefox.
"Builtin Object Token" certificates are not the cross-certified versions. Therefore, for them, you can choose to disable the trust bits and it'll do the job. Looking at the command-line certutil help, the 'p' trust value means 'prohibited' (explicitly distrusted). -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
