Re: Policy: revoke on private key exposure

2009-01-25 Thread Eddy Nigg
On 01/25/2009 11:02 PM, Florian Weimer: The Mozilla-listed CA does not know which certificates have been issued if there's an intermediate CA. Mozilla does not know which intermediate CAs exist. So there's not much room for proactive action. You can only run after individual certificates. W

Re: Policy: revoke on private key exposure

2009-01-25 Thread Florian Weimer
* Ian G.:
>> Huh? Typical CA policies explicitly state that subscriber
>> certificates are not confidential, and are not treated as such by the
>> CA (so that they can be used by marketing, for instance).
> What I know of, not exclusive or reliable:
>
> 1. privacy, as Eddy has pointed out. Th

Re: Policy: revoke on private key exposure

2009-01-25 Thread Florian Weimer
* Eddy Nigg:
> On 01/22/2009 11:59 AM, Florian Weimer:
>>> http://lxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt
>>
>> The list doesn't include sub-CAs, which are equivalent to listed CAs
>> for all practical purposes.
>
> Well, if you ping a web site then you'll most l