A
AnonymousOne
Greetings,
I have a question pertaining to Mozilla/Firefox. Is it possible to
access the certificate store (so that the root CA certificates can be
displayed) WITHOUT requiring the bloated JAR signing of the entire page
+ scripts?
Using the Microsoft CAPICOM library, this is possible under IE (all be
it with security pop-ups), but it would seem the only way to do this
under Mozilla is via XPConnect, which requires signing.
I appreciate that Mozilla's approach is probably better from a security
stand-point, but I'm really not keen on having the user to go through
piles of security dialogs just to READ the certificate store (bearing in
mind I'm only interested in listing the CA certificates, so I THINK
there might not be much of a security vulnerability to that).
However, I do appreciate that the differences between the CA store, and
any of the other stores might be purely superficial, and therefore they
are all governed by the same security policy.
Presuming that this functionality DOES require signing, when I attempt
to grant the script rights to XPConnect, will the user still be
presented with a dialog box asking permission?
I have a question pertaining to Mozilla/Firefox. Is it possible to
access the certificate store (so that the root CA certificates can be
displayed) WITHOUT requiring the bloated JAR signing of the entire page
+ scripts?
Using the Microsoft CAPICOM library, this is possible under IE (all be
it with security pop-ups), but it would seem the only way to do this
under Mozilla is via XPConnect, which requires signing.
I appreciate that Mozilla's approach is probably better from a security
stand-point, but I'm really not keen on having the user to go through
piles of security dialogs just to READ the certificate store (bearing in
mind I'm only interested in listing the CA certificates, so I THINK
there might not be much of a security vulnerability to that).
However, I do appreciate that the differences between the CA store, and
any of the other stores might be purely superficial, and therefore they
are all governed by the same security policy.
Presuming that this functionality DOES require signing, when I attempt
to grant the script rights to XPConnect, will the user still be
presented with a dialog box asking permission?