On 06/07/17 14:44, Kai Engert wrote: > My response was based on my interpretation of Gerv's suggestion, which I > understood as follows: > - certdata.txt remains the master, keeps maintained and published with NSS > - we define a new file format that's accepted as the standard for several > root stores > - we convert certdata.txt to that interchange format > - we publish the conversion result (the Artifact)
My apologies. My suggestion is almost what you say, but with the difference that the new format is the master (as it contains more info than certdata.txt does) and certdata.txt gets regenerated whenever NSS takes a new release of the root list, rather than the other way around. So in this scenario the EV C++ file would be directly generated from the new format; certdata.txt would not need to carry EV info. In fact, the file format of certdata.txt would be unchanged. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy