Confirm, administrator
5,526
edits
Changes
m
minor clarification
#*** Subject/Issuer field values in the root certificate to be changed
#*** SHA256 Fingerprint of the certificate to be changed
#*** Specify the change to be made. e.g. if the root is to be removed, or which trust bits are to be turned off, or the distrust-after dates
#**** Consideration: For a serious situation, it might be better to disable the trust bits of that root, rather than just remove the root. If the root is removed, it could potentially be signed by another root that is included in NSS. However, if we disable the trust bits by default, then that root could not be used again for TLS in Firefox unless a user specifically turned on the websites trust bit for it.
#*** Reason for requesting this change
