Here are a few more details about that API.
The able to policy bits would be initialized when NSS is initialized.
It would have no persistence. Each time NSS is initialized, the application must then make any changes to the policy table that it wishes to make.
To disable MD5 for use in certs, the application might use this code:
SECStatus rv; rv = NSS_SetAlgorithmPolicy(SEC_OID_MD5, ~NSS_ALG_USABLE_IN_CERT_SIGNATURE, 0);
Here are a few more details about that API.
The able to policy bits would be initialized when NSS is initialized.
It would have no persistence. Each time NSS is initialized, the
application must then make any changes to the policy table that it wishes
to make.
To disable MD5 for use in certs, the application might use this code:
SECStatus rv; mPolicy( SEC_OID_ MD5, ~NSS_ALG_ USABLE_ IN_CERT_ SIGNATURE, 0);
rv = NSS_SetAlgorith