Ian Grigg wrote:
Jean-Marc Desperrier wrote:
He does not compute the SHA1/MD5, he returns the cert.sha1Fingerprint,
cert.md5Fingerprint value from a nsIX509Cert object he gets back from
nsISSLStatus status.
Darn. One supposes that this is authoritive,
in that NSS will also
If you don't trust
Jean-Marc Desperrier wrote:
I'm convinced this would work better than the current site white list
mechanism.
My opinion is that white-list forces to take a bad compromise between :
- allowing a small number of list, which will result in major bandwidth
problems for those sites, and
Jean-Marc Desperrier wrote:
Ian Grigg wrote:
Jean-Marc Desperrier wrote:
He does not compute the SHA1/MD5, he returns the
cert.sha1Fingerprint, cert.md5Fingerprint value from a nsIX509Cert
object he gets back from nsISSLStatus status.
Darn. One supposes that this is authoritive,
in that NSS
Nelson Bolyard wrote:
I suspect there's been a misunderstanding here. I took Ian's One
supposes
remark as an unfinished sentence, and so did not attempt to interpret it.
I was thinking out aloud, and expecting to get
shot down in flames. You were right to ignore
it :)
Jean-Marc seems to have