Re: TURKTRUST root CA certificate inclusion request

2007-12-07 Thread Michael Ströder
Eddy Nigg (StartCom Ltd.) wrote: Michael Ströder wrote: I agree with Eddy on this. When defining cert profiles for CAs I always take into consideration the set of relying participants. If the certs are to be used globally they SHOULD be readable to the international public like other

Re: PKI Book reccomendation?

2007-12-07 Thread Brad Hards
On Saturday 08 December 2007 11:31:50 am Nelson Bolyard wrote: I need a way to bring some people up to speed on the details of PKI and RFC 3280, ideally without me spending a lot of time teaching. I'm hoping there's a good book that offers a tutorial about PKI, and explains certs, CRLs, OCSP,

Re: PKI Book reccomendation?

2007-12-07 Thread Kyle Hamilton
I haven't read it yet, but a quick Google search turns up http://ospkibook.sourceforge.net/, the Open-Source PKI Book? -Kyle H On Dec 7, 2007 4:31 PM, Nelson Bolyard [EMAIL PROTECTED] wrote: I need a way to bring some people up to speed on the details of PKI and RFC 3280, ideally without me

PKI Book reccomendation?

2007-12-07 Thread Nelson Bolyard
I need a way to bring some people up to speed on the details of PKI and RFC 3280, ideally without me spending a lot of time teaching. I'm hoping there's a good book that offers a tutorial about PKI, and explains certs, CRLs, OCSP, and the (IETF) standard extensions for certs and CRLs. It needs

Re: Comment on tls-srp enhancement?

2007-12-07 Thread Nelson Bolyard
Steffen Schulz wrote, On 2007-12-07 07:43: I was hoping for some feedback on bug 405155, which adds support for TLS-SRP. Are the core devs that busy right now? The NSS team has lost 3 staff members this year, and those of us who remain are very busy, yes. We're (hopefully) nearing the end of

Comment on tls-srp enhancement?

2007-12-07 Thread Steffen Schulz
Hi all, I was hoping for some feedback on bug 405155, which adds support for TLS-SRP. Are the core devs that busy right now? (I also thought subscribing to this list would enable me to follow the current development around nss/psm. Do you just use bugzilla?) regards, steffen -- Bildet

Re: TURKTRUST root CA certificate inclusion request

2007-12-07 Thread Michael Ströder
Eddy Nigg (StartCom Ltd.) wrote: Now, you are right that this is certainly fine for people in the knowledge of the respective language and character set. But what about the rest? How can somebody make a judgment on the basis of the certificate details if the vast majority can't read it?