[openssl-dev] OpenSSL and certain PEM formats

Sean Leonard dev+openssl at seantek.com
Fri Dec 19 22:52:16 UTC 2014


On Dec 19, 2014, at 11:35 AM, Kurt Roeckx <kurt at roeckx.be> wrote:

> On Fri, Dec 19, 2014 at 03:05:32PM +0000, Viktor Dukhovni wrote:
>> On Fri, Dec 19, 2014 at 08:47:55AM -0500, Daniel Kahn Gillmor wrote:
>> 
>>> Does OpenSSL have documented someplace exactly what it means to have a
>>> "TRUSTED CERTIFICATE"?
>> 
>> It is a certificate + auxiliary data which specifies a friendly name
>> plus a set of EKUs.
> 
> Mozilla provides a list of root certificates and that includes at
> least the trust settings for that certificate.  

What exactly is the Mozilla (NSS) format? How does it differ from the OpenSSL format?

Sean

