Lines Matching refs:nss
10 #include <nss.h>
175 // NOTE: Using a NSS library before 3.12.3.1 will crash below. To see the
176 // NSS version currently in use:
177 // 1. use ldd on the chrome executable for NSS's location (ie. libnss3.so*)
213 // http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/ckfw/builtins/constants.c&rev=1.13&mark=86,89#79
215 "NSS Builtin Objects");
223 // TODO(wtc): NSS has the CERT_GetOrgName, CERT_GetOrgUnitName, and
225 // general (the first) RDN. NSS doesn't have a function for the street
343 // These CAs have multiple keys, which trigger two bugs in NSS's CRL code.
344 // 1. NSS may use one key to verify a CRL signed with another key,
346 // Hopefully this bug will be fixed in NSS 3.12.9.
347 // 2. NSS considers all certificates issued by the CA as revoked when it
349 // has been relaxed in NSS 3.12.7. See
468 // error reporting (NSS bug 528743), so we don't use it by default.
472 // SEC_ERROR_BAD_SIGNATURE error (NSS bug 524013), so we also retry with
504 // certificate policy (NSS bug 552775). So we retry with the certificate
561 // The certificate policy is unknown to NSS. We need to create a dynamic
567 // NSS doesn't allow us to pass an empty description, so I use a hardcoded,
697 // Sign the cert here. The logic of this method references SignCert() in NSS
811 // expired certificates (NSS bug 491174)
