On Fri, May 12, 2017 at 1:50 PM, Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> Could something be derived from / based on the ASN.1 format apparently > used by Microsoft in it's root store, with OpenSSL/Mozilla OIDs added > for things that have no Microsoft notation yet. > Why? It's a poor format. > Another starting point (if not the same) could be the "trusted > certificate" format that some openssl commands can generate. > Why? It's a poor format. You missed that NSS already has these expressions in the form that is appropriate for NSS. Why change? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy