On Saturday, October 22, 2016 at 5:11:29 AM UTC-7, Jakob Bohm wrote: > Talking of codesigning, which root store does Chrome use to validate > signatures on the PPAPI plug ins it is currently forcing developers to > switch to?
I've mentioned to you repeatedly that no one uses the code signing store of Mozilla. Chrome itself does not use a code signing store - as I've also mentioned, CA-mediated code-signing is largely a historical artifact of Microsoft's past decisions, and not something to be practiced or encouraged. So such an action has no impact on anyone consuming the code signing certs, so there's no need to suggest alternatives. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
