NSS:ToolsToShip

Which tools should be shipped with NSS?

On operating systems that ship NSS as a system library, it's a good idea to ship the NSS tools as well. This page is meant to reach an agreement which tools can be shipped and what requirements that would have.

Proposal: main tools vs. unsupported tools

Make a difference between:

• "main" tools that get installed in the global program search path (like /usr/bin on Linux) and should therefore be documented and part of NSS' QA
• "unsupported" tools that do not have documentation, that are not necessarily part of the NSS QA, that will not get installed in the search path, but in a secondary location like /usr/lib/nss/unsupported-tools

Group 1: Tools that are shipping already

The following tools seem to have sufficient docs and are already being shipped by some vendors: Note the NSS tools documentation page is at: http://www.mozilla.org/projects/security/pki/nss/tools/

• certutil
• modutil
• p12util
• signtool
• ssltap

Group 2: Candidates for addition that have documentation

These tools are listed on ttp://www.mozilla.org/projects/security/pki/nss/tools/ and except dbck we've been asked to ship them:

crlutil

Has docs. Proposal: ship as "main" tool

cmsutil

Has docs. Proposal: ship as "main" tool

signver

Proposal: clean up docs and ship as "main" tool

Docs need work!

• docs currently point to developer.netscape.com, no longer available!
• however, we have an archived version here:
  • http://web.archive.org/web/20040811144911/http://developer.netscape.com/docs/manuals/security/signver/signver.htm
  • http://web.archive.org/web/20040821155856/developer.netscape.com/tech/security/index.html?content=formsign/formsign.html
• should we just copy the old documentation to a new page?
• are we allowed to?

dbck

No docs. Proposal: do NOT package this tool