Ian G wrote:
Where are these 'Grant' dialogs?
They were part of the browser when the Java engine was part of the browser, as in Netscape 4.x. They were used when a java applet requested extra privilege. Netscape had defined some certificate extensions that were used by one or more CAs to facilitate the display of CA logos. NSS contained some code to help the browser find the relevant logo URLs. That code is now "dead code", meaning that it is there in NSS, but nothing ever calls it (or indeed can call it, since it's not exposed outside of the shared library).
> Are they available under Firefox / Thunderbird?
I don't believe so. Today, the Java engine is separate from the browser, and has its own dialogs that ask the user about permissions.
So, if we were to file a bug asking to revert back to the security model of the signer's brand, that would be an easier sell?
I don't think so. Today the browser UI decisions are made by a different set of folks than 8 years ago. Or to put it another way, it would be an easier sell to people who don't work on mozilla now. :)
-- Nelson B _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
