On Tue, Jan 06, 2009 at 01:58:37PM -0000, Jamie Strandboge wrote:
> Regarding ca-certificates, while this problem is unfortunate, it is
> clear that simply removing the cert is not the answer because thousands
> of perfectly valid certificates would be marked invalid. If a subset of
> Comodo is to be invalidated, we need to consider Mozilla's rationale and
> implementation.
>
OK, so lets wait for both nss and ca-certificates and see what mozilla
comes up with.
On Tue, Jan 06, 2009 at 01:58:37PM -0000, Jamie Strandboge wrote:
> Regarding ca-certificates, while this problem is unfortunate, it is
> clear that simply removing the cert is not the answer because thousands
> of perfectly valid certificates would be marked invalid. If a subset of
> Comodo is to be invalidated, we need to consider Mozilla's rationale and
> implementation.
>
OK, so lets wait for both nss and ca-certificates and see what mozilla
comes up with.
- Alexander