Udo Puetz wrote:
I think (and from googling also quite a lot of other people too) that you should use the stores that are available on that platform.
I fully agree with that. And just keep a manual option to do otherwise for those who don't want their security component to rely on a Microsoft black box.
Including a PKCS11-CAPI conversion layer and setting this to be the default module would do the trick.
[...] it seems that the windows cert store is more robust/lax in dealing with such things.
It does get easier when working at the OS level, also you have to concede that regression/compatibility testing has always been a strong point of Microsoft.
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto