> I think e.kabarie is concerned with attacks that would inject bogus CA
> certs into the client's cert DB and mark them as trusted.
>
Yes! That's exactly the thing...
> E.Kabarie:
>
> The difficulty with your problem statement is that it lacks a threat
> model. You seem to suggest that an attac
Eddy Nigg (StartCom Ltd.) wrote:
> No comment has been added to the bug
> https://bugzilla.mozilla.org/show_bug.cgi?id=371362 after a request for
> more information was made by me. Is there a way to wake them up somehow?
> Just want to make sure, that they are aware that there are some
> questi
Nelson Bolyard wrote:
> Joe Orton wrote, On 2008-02-07 00:46:
>
>> Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open
>> a read-only session to a database which is opened read-write by another
>> process (e.g. Firefox)? (By "safe", I mean simply that the provider
>> will
Nelson Bolyard wrote:
Joe Orton wrote, On 2008-02-07 00:46:
Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open
a read-only session to a database which is opened read-write by another
process (e.g. Firefox)? (By "safe", I mean simply that the provider
will not crash and
Nelson Bolyard wrote:
Arshad Noor wrote, On 2008-02-06 06:38:
The issue isn't with certificates; it is with private keys.
Arshad,
I think e.kabarie is concerned with attacks that would inject bogus CA
certs into the client's cert DB and mark them as trusted.
In the shared databas
D3|\||\|!$ wrote:
The issue isn't with certificates; it is with private keys.
I disagree with you...What if somebody deleted the private key from
key3.db and its associated certificate entry in cert8.db??? Then added
his own thing and went around playing with it...???
The keys in the k
Joe Orton wrote, On 2008-02-07 00:46:
> Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open
> a read-only session to a database which is opened read-write by another
> process (e.g. Firefox)? (By "safe", I mean simply that the provider
> will not crash and burn if Firefox mo
Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open
a read-only session to a database which is opened read-write by another
process (e.g. Firefox)? (By "safe", I mean simply that the provider
will not crash and burn if Firefox modifies something underneath it)
joe
_
8 matches
Mail list logo