Peace.
Sat, Sep 17, 2011 at 12:16:26PM +0200, Jeff Templon wrote:
> So I regularly have occasion to visit some website that wishes to
> identify itself to me using a host certificate provided by a CA
> belonging to this bizarre, non-standard organization called the
> IGTF. Being bizarre and nonstandard, none of the CAs are installed
> in e.g. Firefox or in the system trust anchors on Mac OS X.
You might be interested in the following presentation about
PKCS11 module for Firefox,
http://docs.google.com/viewer?a=v&q=cache:RB3uCTFfEIkJ:https://www.egi.eu/indico/getFile.py/access%3FcontribId%3D400%26sessionId%3D79%26resId%3D0%26materialId%3Dslides%26confId%3D452+daniel+kouril+mozilla+egi-tf+2011&hl=ru&gl=ru&pid=bl&srcid=ADGEESjA8EyajuXdvKJSuvj6coLCCw0LBGeKHizce63TLhiILlGiU4mIhOqXRH4XYl0pd8JxJ9Z_lKRwRho7eRw1wUWvmbhjspk2tRvsbOcKjCwzNcnu7wuVCVhFF04Ikvv5iODiWRRq&sig=AHIEtbSRRyhZvkNRk1K57lBf6fgS41roBQ
I hadn't yet tried this software, so I can't speak how it works,
but my understanding from the slide 8 is that one can get the whole
bunch of the trusted certificates, put them into the standard
location and use with Firefox.
Perhaps Daniel himself will be able to clarify.
--
Eygene Ryabinkin, National Research Centre "Kurchatov Institute"
Always code as if the guy who ends up maintaining your code will be
a violent psychopath who knows where you live.
|