mozilla :: #security

14 May 2017
02:27ulfrjust gonna leave this here:
08:14nicooulfr: Still interested in extracting data about server misconfigurations (partial cert chains, ...), mostly as relevant for tpo, but I would be happy to make plots out of it if others are interested in the data :)
18:34user_trisquelWhat is "Servers" in certificates menu (Firefox)?
18:35user_trisquelabout:preferences#advanced, Certificates
18:36ulfruser_trisquel: < this?
18:37user_trisquelulfr: Yes, View Certificates.
18:38ulfrhmmm pretty sure those are exceptions
18:38user_trisquelAlso I have question about Security Devices, I will ask later.
18:38ulfrlike when you run into a self signed cert and add an exception to accept it
18:39user_trisquelQuestion about Security Devices:
18:40user_trisquelAh, before I should ask about other certificates.
18:40user_trisquelWhat is &quot;People&quot; and &quot;Others&quot;?
18:41ulfrPeople is client certificate that you would use to authenticate against a website
18:41ulfrothers, I don&#39;t know
18:42user_trisquelPeople: Then what is My Certificates?
18:42user_trisquel*Your Certificates
18:43ulfrgood point. I guess &quot;People&quot; is for other people than you then, but I&#39;m not sure, and the PSM folks are probably not online right now.
18:44user_trisquelQuestion about Security Devices:
18:44user_trisquel1. What is Generic Crypto Services?
18:47ulfrfor more info about the internal architecture of nss, you&#39;d have better chances in the #nss channel than here
18:47user_trisquelSo, I should ask about Builtin Object Token on #nss?
18:48user_trisquel*question about
18:48user_trisquel*ask about
18:52user_trisquelI want to add my CA as Builtin Object Token.
18:52user_trisquelHow can I add it?
18:52user_trisquelI need manuals for different OS but I&#39;m using GNU/Linux now.
18:59ulfryou just go into the &quot;Authorities&quot; tab and click &quot;import&quot; at the bottom.
18:59ulfrthen load the public cert of your authority
18:59user_trisquelIt isn&#39;t Builtin Object Token.
19:00user_trisquelMaybe, /usr/share/ca-certificates/mozilla?
19:00ulfrwhat format is your certificate in?
19:00user_trisquelulfr: PEM (I don&#39;t have certificate now)
19:01ulfryou can import the pem file directly, then firefox will ask you the kind of trust you want to apply to it, and add it to the list of trusted authorities
19:02user_trisquelulfr: Isn&#39;t it Software Security Device?
19:03ulfrsoftware security devices are not certificate authorities, they are cryptographic libraries
19:04* ulfr has to go, good luck
19:05user_trisquelAre you still here?
15 May 2017
No messages
Last message: 128 days and 23 hours ago