To comment on the following update, log in, then open the issue: http://www.openoffice.org/issues/show_bug.cgi?id=76871
------- Additional comments from [EMAIL PROTECTED] Mon Nov 26 16:35:26 +0000 2007 ------- As for the certificateUsageProtectedObjectSigner, this flag would prevent CERT_VerifyCertificate from doing important checks like certificate chain and revocation. certificateUsageObjectSigner is set when there is the extended key usage SEC_OID_EXT_KEY_USAGE_CODE_SIGN which is defined in RFC 3280 as "Signing of downloadable executable code". This may fit for signing extensions but not for documents. Then the Netscape certificate type EMAIL is more suitable. An X509 certificate gets automatically this type, when the the X509 extended key usage is not present. Therefore I am against allowing certificates with this particular extended key usage as well as the corresponding Netscape certificate type. I will probably not make it to have a look into the second patch during the next time. Sorry. --------------------------------------------------------------------- Please do not reply to this automatically generated notification from Issue Tracker. Please log onto the website and enter your comments. http://qa.openoffice.org/issue_handling/project_issues.html#notification --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]