"Jean-Marc Desperrier" wrote: > Brian Smith wrote: > > The kind of improvement you described above will be made to resolve > > Bug 443386 and/or Bug 638966. > > I think Bug 638966 is slightly different, it's about permanently > storing the secret keys in the NSS db (I don't know if that's > really possible, typically the db only stores privates keys).
Softoken may have to be enhanced to support storing Sync (or generic) keys for this to work. > Doing this could solve bug 443386 except that SRP is not a FIPS > approved algorithm so I'm sure if the module ought to still be > able to do SRP when in FIPS mode. See https://bugzilla.mozilla.org/show_bug.cgi?id=443386#c19 (comment 19). The same would apply to SRP. > You are considering to remove PBKDF2 ? If so, the encrypted result > will be incompatible before/after the move? PBKDF2 was already replcaed with HKDF. - Brian -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto