Kyle Hamilton:
> I tend to disagree.
>
> I think that Mozilla needs to grow enough balls to boot out anyone who
> doesn't continue to adhere to the standards for inclusion after
> approval.
The first step is to receive a firm commitment from the CA. Before
kicking a CA out of NSS, Mozilla should
On Fri, Jun 20, 2008 at 5:44 PM, Eddy Nigg <[EMAIL PROTECTED]> wrote:
> This boils down to either of the two other options. If NSS isn't able to
> choose the DigiNotar root or treat the cross-signed certificate as
> revoked, than the email bit of Entrust should be set to off until the
> issue is so
Frank Hecker:
> As promised, here is an update on where things stand with regard to
> DigiNotar and Entrust.
Thanks for the follow up, Frank!
>
> 1. Get DigiNotar to improve its practices with regard to certificates
> that contain email addresses and could be used for S/MIME email. This is
> my
As promised, here is an update on where things stand with regard to
DigiNotar and Entrust. (Since a lot of this is based on information I
got from Nelson, he's invited to point out where I got things wrong.)
First, a recap for those who've forgotten:
Recently I approved inclusion of the DigiNot
We've completed the first round of public comment on the request from
Entrust to have its new Entrust Root Certification Authority root
enabled for EV. Based on the results of the first comment period and
other available information, I'm inclined to approve this request, and
am now starting a s
Hi all,
I deployed an applet that uses jss in order to get certs (and associated
private keys) on firefox keystore and sign electronic documents. The applet
works well in Firefox 2, but in Firefox 3 the browser crashes when my
implementation of PasswordCallback provides the token password; if a
pa
Eddy Nigg:
> Jan Schejbal:
>> - Allow editing of saved certs, for example to limit their validity (if
>> a cert has alternate allowed domains, to change validity duration etc.)
>> or to extend it (google.com cert could be extended to be valid for
>> google.de and www.google.com and www.google.de, r
Jan Schejbal:
> Hi,
> the new SSL warning is great for normal users, but really annoying for
> professionals. I know how SSL works, and if I decide to connect to a
> "untrusted" server, I know what I am doing (some pages that I would
> normally use via http work only via https, and they have self-s
8 matches
Mail list logo
