Thank you Julien,
The problem was that the certificates of intermediate authorities didn't
have the Object Signing CA and S/MIME CA bits from the NetscapeCertType
extension activated.
Julien Pierre wrote:
Hi,
[EMAIL PROTECTED] wrote:
I have a PKI with 3 levels:
1. A root self-signed
Julien Pierre wrote:
Jean-Marc Desperrier wrote:
Is there a way to get PSM to make any use of the crl distribution
point (crldp) extension ?
How is it handled within NSS ? (I could check the source/doc. I will
if nobody feels inclined to respond)
Or you could type distribution point in bugzilla
Julien Pierre wrote:
Scott Rea wrote:
I am doing this on a Windows 2000 box and an LDAP URL opens the
Windows Address Book [not very helpful] whether I enter the URL in IE
or Mozilla. How can I get Mozilla to do the same as it does for *.crl
files that are entered into the address bar?
Woops.
Julien Pierre wrote:
In many situations, eg. if your client (or even server) is in a
submarine, with no available connection to the outside world to download
a newer CRL, it may be acceptable to use the latest CRL available, even
if the nextUpdate has passed, than to fail altogether.
If you're
Jean-Marc Desperrier wrote:
[In case the CRL doesn't include onlySomeReasons in the IDP]
[...] the code can support the extension just by making sure that the
cert matches the information inside the IDP (has a CRLDP that matches
IDP's distributionPoint, is of the right type: CA, user,
Jean-Marc,
Jean-Marc Desperrier wrote:
In many situations, eg. if your client (or even server) is in a
submarine, with no available connection to the outside world to
download a newer CRL, it may be acceptable to use the latest CRL
available, even if the nextUpdate has passed, than to fail
Jean-Marc,
Jean-Marc Desperrier wrote:
This is not currently supported in NSS. See bugzilla 133191 .
At this time, the only CRL format supported by NSS is full CRLs.
Sorry Julien, there's a confusion here.
The one I was talking about is the certificate extension, which is named
CRL
Forgive me if this has already been covered, but I couldn't find it
anywhere in the list (perhaps I am posting to the wrong list???)
I have an XUL that I want to grant privileges to but seems I need to
grant privileges for each individual JS function - is there no way to
grant privs globally