Nelson B wrote: > Duane wrote: > > Nelson B wrote: > > > >> Choosing to be a low-assurance CA is a legit choice, IMO, as long as > >> the low assurance CA doesn't then issue certs used in applications > >> that require high assurance. > > > > > > Is there something that can be done to add extra bits to the server > > certs, > > I wish there were some way, but I don't know of any standard way to > represent the amount/strength of authenticity checking done by CAs > prior to issuance. There would have to be a new extension, or > alternatively it could be new info stored along with the cert in NSS's > cert store.
I like that idea - I've started a thread that leverages it. _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
