On Apr 1, 2008, at 8:55 AM, Todd Denniston wrote:

> Neat trick.

And it works for *any* NSS-relying application: Thunderbird, Evolution, etc.

> But wouldn't that get some of the other CAs like Thawte, USPS and VeriSign that you may not want to trust allowing folks into your box?

Only if you don't delete them first.

> Granted, your /etc/passwd|yp domain|LDAP should only have common names for the folks you want in, but these other CAs could issue certs for the same common name. (right?)


-- Tim

