OK, Frank, not going to run in circles here...just a few short
replieslast try
Frank Hecker:
> I understand what you're saying, but in the end we have to weight
> security risks in some way, and using an economic analysis is IMO a
> reasonable way to do that. To say that you can't put a
Hi Robin,
Sorry that I'm relying to you only now.
Robin Alden:
>> The behavior of Comodo in this respect is really surprising! Supposed
>> you would issue certificates with longer validity only to entities which
>> were thorough verified and validated, I could offer some understanding.
>> But by
Hi,
is there any way I can find the certificate associated with a public key
using
the SubjectPublicKeyInfo (CERTSubjectPublicKeyInfo)?
I am looking for public API and not too low level.
I looked in the .../nss/certdb/cert.h and .../nss/pk11wrap/pk11pub.h
files - couldn't find anything appropr
Eddy Nigg (StartCom Ltd.) wrote:
> We aren't talking here about a possible gain in material only (money,
> credit cards), but also eavesdropping and acquiring information.
> Breached privacy is a *LOSS* for the relying party and LOST trust in the
> software upon which the relying party relies, w
Frank Hecker:
>
> I don't disagree that in general CAs should limit cert lifetimes, for
> all sort of reasons.
I'm glad to hear that. And you are right, that there are other reasons
as well. However I'm concentrating on the reason closest possible also
in relation to the Mozilla CA policy. Prev
On Tue, Mar 25, 2008 at 12:58 PM, Ron Lu <[EMAIL PROTECTED]> wrote:
> Hi,
>
> i just want to be sure. As the NSS Security Tools also make use of NSPR and
> i only found out that NSS is triple-licensed but do not know about NSPR. Is
> it triple-licensed,too?
Yes, NSPR is triple-licensed, too.
Eddy Nigg (StartCom Ltd.) wrote:
> A certificate with a lifetime of one year isn't an *ongoing threat of
> possibly ten years* to come. There is a huge difference!
>
> Supposed that a domain which was owned by someone else, isn't going to
> end up within a very short time in the hands of a diffe
Hi,
i just want to be sure. As the NSS Security Tools also make use of NSPR and i
only found out that NSS is triple-licensed but do not know about NSPR. Is it
triple-licensed,too?
Thank you!
ron
--
GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
Jetzt dabei sein: http:/
Frank Hecker:
> Don't have time for a long response, but I do have one comment below.
>
> Eddy Nigg (StartCom Ltd.) wrote:
>
>> One can purchase a popular or less popular domain name, request a
>> certificate for N years, let the domain name expire after one year, wait
>> to have it picked up
> Robin Alden:
> >
> > The only certificates we issue for 10 years are DV certificates.
> > We do not currently repeat any of the validation checks during a
> > certificate's lifetime for any of our certificate types.
> >
>
> The behavior of Comodo in this respect is really surprising! Supposed
>
françois blanchon wrote:
> Hello
> Question about CA in Firefox (I precise : I am not a developper at all). I
> must securise a Firefox on a Windows workstation, and one part is to remove
> all the built-in CA certs and install only a private one (the workstation is
> not able to go on the Interne
On Tue, Mar 25, 2008 at 8:21 AM, françois blanchon <[EMAIL PROTECTED]> wrote:
> Hello
> Question about CA in Firefox (I precise : I am not a developper at all). I
> must securise a Firefox on a Windows workstation, and one part is to remove
> all the built-in CA certs and install only a private
Don't have time for a long response, but I do have one comment below.
Eddy Nigg (StartCom Ltd.) wrote:
> One can purchase a popular or less popular domain name, request a
> certificate for N years, let the domain name expire after one year, wait
> to have it picked up by somebody else. Now, this
Hello
Question about CA in Firefox (I precise : I am not a developper at all). I
must securise a Firefox on a Windows workstation, and one part is to remove
all the built-in CA certs and install only a private one (the workstation is
not able to go on the Internet). If I remove "nssckbi.dll" it wor
Hi Frank,
After reviewing the request of Comodo and receiving sufficient answers
from Robin Alden (of Comodo) concerning the inclusion and update request
of the various Comodo CA roots currently under discussion and after
hearing (and replying to) the arguments you posted as well, I would like
Hi Robin,
First of all thank you for your honest answers, I appreciate that and
the time you invested! This is going to be a summarized response of all
your posts and answers.
Robin Alden:
>
> The only certificates we issue for 10 years are DV certificates.
> We do not currently repeat any of
16 matches
Mail list logo
