The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 |
Newsgroups: mozilla.dev.tech.crypto
From: Gervase Markham <g...@mozilla.org>
Date: Tue, 23 Dec 2008 15:42:39 +0000
Local: Tues, Dec 23 2008 10:42 am
Subject: Re: Unbelievable!
Frank Hecker wrote: This was the first thing that occurred to me as well. Can anyone > Do you mean the UTN-UserFirst-Hardware root? According to the screenshot > on your blog post, that's the root the bogus cert chains up to. Also, if > we were to take action of this general sort (as a hypothetical), what > about adding the PositiveSSL CA cert to NSS with the SSL trust bit > disabled; wouldn't that accomplish the same purpose, without interfering > with other parts of the hierarchy under the UTN-UserFirst-Hardware root? > (I seem to recall we've discussed this sort of thing in the past.) (Nelson?) tell us definitively if this is possible? I would assume it is, but it would be good to get confirmation. Gerv You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
| |||||||||||||