I have some questions about signtool. Once again, these are probably n00b questions, so I apologize if they've been covered elsewhere. any guidance on relevant links would be much appreciated (e.g. a link to a clearinghouse for doco on NSS and FIPS - I've found the FC_* doco on mozilla.org, as well I've found http://books.mozdev.org/html/mozilla-chp-12.html for some guidance on how certutil and signtool interact).
About signtool: . It seems to rely heavily on the signature verification used by JAR. If I set my secmod database to FIPS mode, am I guaranteed that signatures are verified in FIPS mode? . Are there plans to support external timestamps, a la the M$ signtool.exe /t switch? . Are there plans to support other formats than JAR and XPI? Namely, my interest is whether or not this tool is expected to support other code-signing use cases (e.g. signing Windows dll/lib files, etc)? Is there somewhere I can find information (aside from reviewing the source tree) for the nss/cmd utilities? Cheers, -rb
-- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
