Re: CA root cert removal policy and process

2009-09-28 Thread Robert Relyea
On 09/25/2009 11:58 PM, Kyle Hamilton wrote:
> 2009/9/25 Robert Relyea :
>
>> Because of the way the system works, deleting a cert from builtins would be
>> equivalent to marking it untrusted. The user could still override our choice
>> in softoken. Unfortunately the trustorder is set on the mod

Re: CA root cert removal policy and process

2009-09-28 Thread Robert Relyea
On 09/25/2009 06:55 PM, Nelson Bolyard wrote:
> On 2009-09-25 18:17 , Robert Relyea wrote:
>
>> On 09/25/2009 04:39 PM, Kathleen Wilson wrote:
>>
>>> Note that I am operating under the assumption that there is currently
>>> no way in NSS to mark a root certificate as “untrusted”. Please let

Re: CA root cert removal policy and process

2009-09-26 Thread Kyle Hamilton
2009/9/25 Robert Relyea :
>
> Because of the way the system works, deleting a cert from builtins would be
> equivalent to marking it untrusted. The user could still override our choice
> in softoken. Unfortunately the trustorder is set on the module, not the slot
> (/me mentally slapping myself for

Re: CA root cert removal policy and process

2009-09-25 Thread Nelson Bolyard
On 2009-09-25 18:17 , Robert Relyea wrote:
> On 09/25/2009 04:39 PM, Kathleen Wilson wrote:
>> Note that I am operating under the assumption that there is currently
>> no way in NSS to mark a root certificate as “untrusted”. Please let me
>> know if this assumption is incorrect.
>>
> There are

Re: CA root cert removal policy and process

2009-09-25 Thread Eddy Nigg
On 09/26/2009 02:39 AM, Kathleen Wilson: If it would be reasonable to mark a root cert as “untrusted” in NSS, we could also consider this option... If a root were to be compromised, and marked as untrusted, it could be treated as though all of the trust bits are unset, and not allow the user to s

Re: CA root cert removal policy and process

2009-09-25 Thread Robert Relyea
On 09/25/2009 04:39 PM, Kathleen Wilson wrote: Note that I am operating under the assumption that there is currently no way in NSS to mark a root certificate as “untrusted”. Please let me know if this assumption is incorrect. There are 3 states we can report about a certificate: trusted, unkn

CA root cert removal policy and process

2009-09-25 Thread Kathleen Wilson
I am leading the effort to create a policy and a process for removing a Certification Authority root certificate from distribution in Mozilla products, and I would greatly appreciate your input and feedback on the following. Wiki page for ideas about the process and policy: https://wiki.mozilla.or