I thought we'd had this type of conversation before... or maybe it
was on the TLS discussion list, and I'm not remembering. Regardless...
A "trust anchor" is a public key. (It's not a certificate that
contains the public key, or anything which can be validated with the
public key -- it's t
Hi, all gurus on board,
I guess this must be the right group for my question.
I am working on a web-based certification authority application, from
where users can apply for X.509 digital certificates.
On the certificate application web form, I have a dropdown list of
cryptographic providers. T
timeless wrote:
> Did Camino do this when they created, added, or enhanced their
> security UI?
Possibly not; you'd need to ask them.
> To provide a more amusing variant. Did the people who wrote help
> (Netscape, and third parties) for the Security UI in Mozilla 1.7 or
> Firefox (to the extent t
Nelson Bolyard wrote:
> Your proposal would require storing the equivalent of a name constraints
> extension along with the root CA cert. It would also require additional
> processing, because name constraints are generally not processed inside
> trust anchors. That is, usually a CA puts the name
4 matches
Mail list logo
