Hi,
Just curious - I see quite some posts on "certutil" that apparently
helps to do that. 0) Is there a binary version for windows available
also outside the US?
As you can see in the below bug URL, I do like PGP-like key management.
Unless "certutil" is easily available also to non-US masses, i.e. to
persons who do not know how to build a binary from a downloaded tgz
file, and unless "certutil" does all the below, does anybody know a
binary downloadable tool that allows me to:
1) create a self-signed (x509?) certificate usable in Mozilla's
mail(/Outlook/Eudora/etc.)
2) add some comments on how to verify the certificate created in 1)
possibly an URL (to my personal web-page or to some hard-coded, general
instructions on how to verify public key integrity out-of-band and on
how to create a web of trust).
3) If I had such a self-signed certificate and wanted to put it on my
personal web-page, what MIME type/file-name extension should I tell my
httpd to send it under? As suggested by [EMAIL PROTECTED] I make a
reference to http://bugzilla.mozilla.org/show_bug.cgi?id=184649 where we
discussed that Mozilla's certificate MIME type handling assumes a very
sophisticated CA/certificate directory and a blind (dumb?) user
(currently no influence on how and whether a certificate gets imported
once a download of it is started nor will the user be told where it went
and what information it contained.)
I contend that this is no longer the appropriate balance in
functionality since CA/public key directories of large institutions that
take care of everything such that the user may remain totally
uninformed/ignorant so far didn't thrive and if any there are more
sophisticated users around who like to be in control of their
certificates themselves. Therefore, I suggested with some RFEs that
Mozilla adapts to these new realities.
Any hints on 0-3 would be highly appreciate and what do you think about
the underlying thoughts? Pls cc replies also to [EMAIL PROTECTED]
- Re: how to best create a self-signed e-mail certificate ... Ralf Hauser
- Re: how to best create a self-signed e-mail certifi... Ian McGreer
- Re: How to import a generic cert? Nelson B. Bolyard
- Re: How to import a generic cert? Nelson B. Bolyard
- Re: How to import a generic cert? Eduardo Spremolla
