Jean-Marc Desperrier wrote: > The trouble is that certUsageEmailSigner in it's current implementation > does indeed look for other things than non-repudiation. It checks that > the certificate is valid to sign mail, ie if it has an Extended key > usage it must include id-kp-emailProtection and the presence or not of > an email address interferes also. So some certificate that are perfectly > valid to sign data do not get certUsageEmailSigner
certUsageEmailSigner is merely an enumerated value. In what function are you saying that this value has the behaviors you describe? -- Nelson B _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto