Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Re: Fwd: GLOBALTRUST 2020's reinclusion in Mozilla's trusted certificates
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Fri, 10 Jan 2025 23:41:26 +0100 (CET)
On Fri, 10 Jan 2025, Jeffrey Walton via curl-library wrote:
> Mailing list post at
This issue highlights some of the additional constraints that Mozilla and
other browsers have for certs from some CAs that cannot be conveyed in the CA
cert bundle when shipped in PEM format.
The PEM just lists the certs for the trusted CA, it does not list all the
additional conditions that also are applied.
There is no standard way to share those additional rules and constraints, and
frankly there has never been any particular interest in creating any such
mechanism. They would have to be manually added as plain code in curl.
Date: Fri, 10 Jan 2025 23:41:26 +0100 (CET)
On Fri, 10 Jan 2025, Jeffrey Walton via curl-library wrote:
> Mailing list post at
This issue highlights some of the additional constraints that Mozilla and
other browsers have for certs from some CAs that cannot be conveyed in the CA
cert bundle when shipped in PEM format.
The PEM just lists the certs for the trusted CA, it does not list all the
additional conditions that also are applied.
There is no standard way to share those additional rules and constraints, and
frankly there has never been any particular interest in creating any such
mechanism. They would have to be manually added as plain code in curl.
-- / daniel.haxx.se || https://rock-solid.curl.dev -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2025-01-10