Howard Chu wrote: > Likewise in the Mozilla Browser/nss_ldap situation, the credentials > needed for LDAP authentication will probably be quite different from the > credentials needed for web browsing or personal addressbook lookups. It > would be extremely bad if simply using Mozilla on a system with > nss_ldap/LDAP/MozNSS allowed arbitrary browser users to get privileged > secure connections to their authentication server just by adding a new > AddressBook definition.
Isn't that a matter of server-side trust and authz? Also a client app would have to provide a UI for choosing which client cert to use. Maybe I didn't fully understand what you meant though. > I've now gotten OpenLDAP libldap running with the PSM/NSS instance > inside my Seamonkey browser, but it's only using the browser's > already-configured databases at the moment. Well, that would be something I'd like to use. ;-) Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
