Copying Mozilla's certificate database into a PEM file to use in your OpenSSL app is a recipe for unpleasant surprises, unfortunately.
@ivanristic @bkhowson @bagder Some of it is enforced in code. It's all open source. There are no standards for declarative representation.
-
-
@BRIAN_____@ivanristic I've often wondered why roots are self-signed. Wouldn't it be easy to express these tweaks if they weren't? -
@j4cob@ivanristic No, because there isn't any standard for describing them declaratively. -
@BRIAN_____@j4cob Sounds like a project Mozilla’s Winter of Security :)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.