-
-
Replying to @pzb
@pzb@BRIAN_____@mik235 I mean, it's totally valid to supply multiple attributes per RDN if they're equivalent. I was more talking bout..2 replies 0 retweets 0 likes -
Replying to @sleevi_
@pzb@BRIAN_____@mik235 stuff like https://wiki.mozilla.org/SecurityEngineering/mozpkix-testing#Things_for_CAs_to_Fix …1 reply 0 retweets 0 likes -
Replying to @sleevi_
@sleevi_@BRIAN_____@mik235 there should be a certlint (or maybe cablint) utility to allow CAs to check certs and see if they have issues1 reply 0 retweets 0 likes -
Replying to @pzb
@pzb@BRIAN_____@mik235 Yup. You'd think it'd be easy for CAs to do themselves, but no incentives to "follow the rules"1 reply 0 retweets 0 likes -
Replying to @sleevi_
@pzb@BRIAN_____@mik235 At this point, I believe@mozkeeler has something, and we have several variations of internal bits at this point1 reply 0 retweets 0 likes -
Replying to @sleevi_
@sleevi_@BRIAN_____@mik235@mozkeeler I just tried a basic version in go, but found I need to extend the x509 module: unhandled crit ext2 replies 0 retweets 0 likes -
Replying to @pzb
@pzb@sleevi_@mik235@mozkeeler Why not wrap mozilla::pkix in Go? Ignoring revocation, you'd have something close to what Fx does, w/o NSS.1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@sleevi_@mik235@mozkeeler I don't care about go. Are there any non-C/C++ bindings for moz::pkix yet?2 replies 0 retweets 0 likes -
Replying to @pzb
@pzb@sleevi_@mik235@mozkeeler But, it would be a good basis for a lint tool, as it's as strict as Fx's product management tolerates.1 reply 0 retweets 1 like
@pzb @sleevi_ @mik235 @mozkeeler I take that back. mozilla::pkix only reports 1 at a time, intentionally, so not so good for linting.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.