moz used to automatically store a copy of all certs it received in emails, regardless of whether they were or were not useful for encryption, and mozilla would store certs with invalid signatures, or signed by untrusted CAs, etc. That was bad becase an bad cert could "poison" the cert store.
So, now mozilla only stores other people's certs that (a) are valid for encryption, and (b) were issued by valid CAs. It does this automatically.
And how do you import a cert issued by a non-recognised CA ?
I think I filled/commented an entry in bugzilla about manually trusting cert issued by non-recognized CA.
This change makes the functionnality even more needed, if we agree that trusting the cert should import it and make it available to send encrypted mail if applicable.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
