On 09/18/2008 01:37 AM, Kyle Hamilton: > Perhaps, Eddy, StartCom's roots were only approved for SSL Certificate > Authority. Did you not include a request for Email or Software > Development bits? >
StartCom roots have currently email and server trust bits set on. There is currently a bug for enabling code signing: https://bugzilla.mozilla.org/show_bug.cgi?id=451298 However the trust bits aren't related to the issue below, because any root is nevertheless supposed to be a CA only. Perhaps lets analyze the key usages below: >> >>>> SSL Server Certificate >>>> Email Signer Certificate >>>> Email Recipient Certificate >>>> SSL Certificate Authority >>>> Status Responder Certificate >> This root may be used for securing a SSL server... This root may be used to sign email messages... This root may be used to decrypt email messages... The later two are fine, not sure about the status responder though. In any case this requires some cleaning up... -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
