(In reply to comment #4)
> As discussed on IRC, the correct solution is not to copy certificates around
> wildly; it's to implement the API discussed on bug 29018.
... someone does that, and puts the result here for review.
(I don't currently have time to implement that, and am not volunteering.)
(In reply to comment #10)
> Any updates here?
Not until/unless...
(In reply to comment #4)
> As discussed on IRC, the correct solution is not to copy certificates around
> wildly; it's to implement the API discussed on bug 29018.
... someone does that, and puts the result here for review.
(I don't currently have time to implement that, and am not volunteering.)