I’m a masochist, and subscribe to the entirety of Sun Microsystem’s blog feed. At least 90% of that content is completely worthless to me; however, the 10% that is worthwhile is usually really worthwhile.

This post about managing certificate trust flags in Network Security Services (NSS) databases is part of that 10%, and is the kind of thing everyone dealing with NSS should read. It is crazy that this information is missing from Mozilla’s documentation on certutil; this really makes the trust flags clear!