Paul wrote: > They've done this before. Yes, I noticed this as well earlier with a CA path lookup (hashed filenames). But it's the same when you use a CA bundle file. Internally they lookup issuers by name which may be fast, however is unreliable. IMO they should be looking up issuer certs by fingerprint.
> I always add my own CA list to avoid these problems. But how to tell your customers that you do not support all certs of the MS Root Certificate Program?? Firefox works around it like you, they simply do not imclude those trouble-certs. -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
