> This proves that NSS is doing what it should (except the nicknames > generated for your certs are really ugly - I don't know why that is).
Thank you very much for the time you spent analyzing thise certs/crls. > If the first cert isn't showing as revoked in Firefox or Mozilla, that is > probably due to the trust having been set incorrectly by that product. I have tried next: I have deleted revoked cert from Firefox cert store (using Firefox GUI). Then I have called CERT_VerifyCertificateNow() passing revoked cert as argument. It still doesn't recognize this cert as revoked. :( I don't think this is related with Firefox. _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
