Confirmed users
76
edits
SecurityEngineering/Certificate Verification: Difference between revisions
Jump to navigation
Jump to search
SecurityEngineering/Certificate Verification (view source)
Revision as of 20:09, 17 March 2014
, 17 March 2014no edit summary
No edit summary |
|||
| Line 82: | Line 82: | ||
* Richard to reach out to openssl | * Richard to reach out to openssl | ||
* Keeler to schedule an actual code review | * Keeler to schedule an actual code review | ||
=== Chossing your Verification Library === | |||
Currently there are two hidden flags that determine what certificate verification library is used | |||
by firefox. The following 'truth table' allows you to determine what verification library is used. | |||
Note that the value of "security.use_libpkix_verification" is only checked at initialization time. | |||
{|border="1" cellpadding="5" cellspacing="0" align="center" | |||
! colspan="2" rowspan=2| | |||
! colspan="2"|security.use_libpkix_verification | |||
|---- | |||
| 0 (default) | |||
| 1 | |||
|---- | |||
|rowspan=2 | '''security.use_insanity_verification''' | |||
| 0(default) | |||
| Classic | |||
| libpkix | |||
|---- | |||
|1 | |||
| insanity::pkix | |||
| insanity::pkix | |||
|---- | |||
|} | |||