ghost
commented
10 years ago Here are my developer notes:
http://www.oxymoronical.com/experiments/apidocs/platform/1.9.2a1pre/interface/nsIX509CertDB http://www.oxymoronical.com/experiments/apidocs/platform/1.9.2a1pre/interface/nsIX509Cert
certDB.isCertTrusted(cert, certType, trustType)
certDB.setCertTrust (cert, certType, trustType)
nsIX509Cert certType
UNKNOWN_CERT = 0
CA_CERT = 1
USER_CERT = 2
EMAIL_CERT = 4
SERVER_CERT = 8
nsIX509CertDB trustType
UNTRUSTED = 0
TRUSTED_SSL = 1
TRUSTED_EMAIL = 2
TRUSTED_OBJSIGN = 4
certDB.setCertTrust(cert, 1|2|4|8, 0); // doesn't workusing CertDB1
var certDB1 = Components.classes["@mozilla.org/security/x509certdb;1"].getService(Components.interfaces.nsIX509CertDB);
var certNameList = {};
certDB1.findCertNicknames(null, 0, {}, certNameList);
var certNames = certNameList.value;
certDB1.findCertByNickname(...)
daveschaefer
Similar to #131 add a "Distrust all default Authorities" button to Perspectives (as it's unlikely that this functionality will be added to Firefox soon) which distrusts all default Authorities in the certificate store. The button should also display a security warning like "This will distrust all Authorities. All secured websites are going to fail with a certificate security exception until they have been verified by Perspectives. If you are sure please enter the following sentence: 'The CA system is broken'." We should also add a help text which explains how to restore the default CAs or retrust them.