On November 8, 2016 1:47:28 AM CST, Wayne Blaszczyk <[email protected]> wrote: >Last I looked at this, comparing nss to firefox tarballs, it seemed to >me >at the time that firefox was more current, or maybe I was comparing to >what > was in the Mozilla repostitory. I cannot remember now, but for some >reason > I switched from nss to firefox.
Yes, they tend to go back and forth. I *believe* that this has been the effective policy for the Mozilla products in the book since the inclusion of standalone NSS (~2008 at best guess), but that needs to be verified. Most recommended will be the release branch for certdata.txt, with latest always being NSS tip. http://hg.mozilla.org/projects/nss/raw-file/default/lib/ckfw/builtins/certdata.txt Ultimately, the book needs some policy. The release branch has worked for the CLI apps for a long time (and obviously FF, SM, and TB). Maybe we could add some pointers to additional reading, in the book or the wiki, for those who want (or need) to brave the latest and greatest. Even the perl script included with curl could be utilized to do a comparison. One could even go so far as to update the shared nssdb with the modified trust from upstream, but that's a bit too much for the book IMO. I'm not against making mention of it, along with the "beyond the scope of the BLFS book" blurb. --DJ -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
