Eddy Nigg (StartCom Ltd.) wrote:
Well, what I don't understand really, why you list the various bugs
multiple times?
Because it means that each line gives, unambiguously, the certs for that
version of the product. You don't need to "add up" all the lines before it.
Additionally 338552 was added as well to 2.0 and not at 2.0.0.1 (It was
the first CA added to the FF2 release actually)
Hmm. There seems to be a problem here. The checkin to that release was
not done under the actual StartCom bug. There's something funny going
on. I will investigate.
<later>
On 2006-06-12, kaie made a checkin (certdata.txt 1.37.14.1)[0]
referencing bug 340724[1] "Upgrade NSS on Mozilla 1.8 branch for 1.8.1
final", but without adding a comment to that bug. The checkin comment says:
"Upgrade NSS on Mozilla 1.8 branch to NSS_3_11_20060609_TAG"
but that bug doesn't mention upgrading to that particular tag.
This checkin added the StartCom and Netlock certificates to the branch.
So you are right - both these certificates were in 2.0.0.0, and there
was no change between 2.0.0.0 and 2.0.0.1. I've revised the spreadsheet
accordingly. Thank you :-)
Gerv
[0]
http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&root=/cvsroot&subdir=mozilla/security/nss/lib/ckfw/builtins&command=DIFF_FRAMESET&file=certdata.txt&rev2=1.37.14.1&rev1=1.37
[1] https://bugzilla.mozilla.org/show_bug.cgi?id=340724
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
