Re: Announcing Mozilla::PKIX, a New Certificate Verification Library

2014-04-28 Thread David Keeler
On 04/26/2014 01:44 AM, Erwann Abalea wrote: Took a quick look at the code, it looks like KU/EKU checks is ok, BasicConstraints checks are weirdly done, NameConstraints checks are hard to follow, CertificatePolicies checks is a joke. I now notice that I didn't see date checks (I may have

Re: Announcing Mozilla::PKIX, a New Certificate Verification Library

2014-04-28 Thread Kyle Hamilton
On Fri, Apr 25, 2014 at 6:59 AM, Erwann Abalea eaba...@gmail.com wrote: On Friday, April 25, 2014 13:46:51 UTC+2, Martin Paljak wrote: On Thu, Apr 24, 2014 at 9:07 PM, Kathleen Wilson kwil...@mozilla.com wrote: Also, we added a section to the wiki page to list some behavior changes that

Re: Announcing Mozilla::PKIX, a New Certificate Verification Library

2014-04-28 Thread Brian Smith
On Mon, Apr 28, 2014 at 4:45 PM, Erwann Abalea eaba...@gmail.com wrote: The chain builder can test all possible issuers until it finds a valid one (that's what OpenSSL does, for example). The AKI is only here to say pssst, this is most probably the certificate you should try first. Right. We