Mozilla today announced a new certificate verification library in Gecko, the web browser engine used in many of the company’s applications. At the same time, the company is also offering a special $10,000 security bug bounty specifically for certificate verification in Firefox 31, which is currently a Nightly release but is scheduled to launch on July 31. Here is how Mozilla describes the updated library: The new code is more robust because certificate path building attempts all potential trust chains for a certificate before giving up (acknowledging the fact that the certificate space is a cyclic directed graph and not...

This story continues at The Next Web