Kyle Hamilton:
(While I understand the need for a common language between the systems
in the world, the fact that most of the Internet doesn't use ASN.1
means that security researchers are operating in something of a void,
a vacuum, that other Internet-protocol implementors and researchers
can't really help with. I truly wish that Netscape had chosen
something else for its identity token format in the original SSL.
This is water under the bridge, though, and not something that anyone
can really help or change.)
According to Kai, this has to be the binary value of the serial/issuer
encoded as base64. He updated the page
http://wiki.mozilla.org/PSM:EV_Testing with instructions how to build a
patched "pp" tool of NSS which can be run like this:
$ pp-with-certid -t certificate -x -i ca-certificate.pem -a
This will output the base64 encoded values needed for the
test_ev_roots.txt file.
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
