Re: A-Trust Root Certificate Inclusion Request

2007-06-28 Thread Paul Hoffman
At 11:06 AM +0100 6/28/07, Gervase Markham wrote: >Eddy Nigg (StartCom Ltd.) wrote: >> Under section 6 of the Mozilla CA policy >> (http://www.mozilla.org/projects/security/certs/policy/) it states: >> /provide some service relevant to typical users of our software products/ >> >> This CA seems

Re: A-Trust Root Certificate Inclusion Request

2007-06-28 Thread Eddy Nigg (StartCom Ltd.)
Gervase Markham wrote: > > Are Austrians not users of our products? :-) > Sure ;-) > Every CA has a market that it serves. There is no obvious bright and > clear line where we can divide CAs into "providing services relevant to > typical users" and not; the language is intentionally vague. We

Re: libnssckbi.so problems with ROOt ca ceritifcate Trust flags

2007-06-28 Thread David Stutzman
samrat saha wrote: > Thanks! > But is there any way around to extract the trust flags. Due to the library > size limitation, I cannot keep the library > in the database directory but I need to have the complete CA certificate in > the database. If you'd like to make it smaller, you can build your

Re: libnssckbi.so problems with ROOt ca ceritifcate Trust flags

2007-06-28 Thread Eddy Nigg (StartCom Ltd.)
Perhaps Nelson, Kai or one of the other NSS people know how to extract the trust bits which were set for NSS. However if you only need the CA certificates - similar to a ca-bundle - then you should be OK already with what you have. -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber:

Re: Verifying Signature produced by crypto.signText: signVer not working

2007-06-28 Thread David Stutzman
duryodhan wrote: > signver: function failed: An I/O error occurred during security > authorization I *think* a lot of those errors point to it having problems with the security db for one reason or another (password or location...) Try doing "certutil -L -d " and see if it lists anything. If it

Re: A-Trust Root Certificate Inclusion Request

2007-06-28 Thread Gervase Markham
Eddy Nigg (StartCom Ltd.) wrote: > Under section 6 of the Mozilla CA policy > (http://www.mozilla.org/projects/security/certs/policy/) it states: > /provide some service relevant to typical users of our software products/ > > This CA seems to issue certificates to Austrian citizens only Are Au

Re: Proposal for improving the security of add-on updates

2007-06-28 Thread Gervase Markham
Jean-Marc Desperrier wrote: > Gervase Markham wrote: >> Jean-Marc Desperrier wrote: >>> You don't care *who* the owner of the cert is. What you care about is >>> if he intends to use his signing cert to distribute spyware >>> extensions. And his identity tells you nothing about that. >> >> No, bu

Re: libnssckbi.so problems with ROOt ca ceritifcate Trust flags

2007-06-28 Thread samrat saha
Thanks! But is there any way around to extract the trust flags. Due to the library size limitation, I cannot keep the library in the database directory but I need to have the complete CA certificate in the database. Thanks In Advance, Samrat On 6/28/07, Eddy Nigg (StartCom Ltd.) <[EMAIL PROTECTE

Re: libnssckbi.so problems with ROOt ca ceritifcate Trust flags

2007-06-28 Thread Eddy Nigg (StartCom Ltd.)
The trust flags are for internal usage of the NSS store and not really part of the CA certificates. You might find however the associated X.509 key usage and X.509 extension in the certificate. Judging from your code snippet below, you extract the X.509 certificates, which don't have those trus

libnssckbi.so problems with ROOt ca ceritifcate Trust flags

2007-06-28 Thread samrat saha
Dear All, I was trying to create the CA store using the built-in CA certificates in the libnssckbi library. I was extracting the certificate from the module using the following code snippet. cert_list = PK11_ListCertsInSlot(slot); for(cert_node = CERT_LIST_HEAD(cert_list); !CERT_LIST_