Re: NSS CMS and RFC 5652
Hubert Kario redhat.com> writes:
> Yes, I can confirm the bug. Will you file a bug in mozilla bugzilla
> against the NSS component?

Today I filed Bug 1241446: https://bugzilla.mozilla.org/show_bug.cgi?id=1241446

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: SHA-1 with 'notAfter >= 2017-1-1'
On Tue, January 19, 2016 2:56 pm, s...@gmx.ch wrote:
> Hi
>
> We're already having some discussions about SHA-1, but I'll split this
> up into a new thread.
>
> The initial goal of bug 942515 was to mark certs as insecure, that are
> valid 'notBefore >= 2016-01-01' (means issued to use in 2016+) AND also
> for certs that are valid 'notAfter >= 2017-1-1' (means still valid in
> 2017+).
>
> The first condition has been implemented, but there are some
> 'compatibility' issues with MITM software. [1]
> The second condition has not been implemented, but it was already
> announced [2] and also considered to set the cut-off a half year earlier
> to the July 1, 2016. If this should really happen, we need to hurry up
> on this discussion. Of course the problem mentioned in [1] should be
> solved first.
>
> Regards,
> Jonas

Moving dev-tech-crypto to BCC

You've misread [2]. It is *not* about the notAfter but the notBefore. I can assure you, based on our telemetry, there will still be some nasty breakages with measuring on the notAfter.

The goal of the announcement (and as agreed by Mozilla, Microsoft, Google, and, of course, the CA/Browser Forum) is that effective 2017-1-1, it's reasonable to turn off support for SHA-1. The only use of the notAfter, in the context of [2], was using that as a signal to show some form of prominent warning in the developer console. And that's been implemented for some time, AFAIK.

So the implementation of [2] is still something that, based on Firefox's release calendar, puts it around Firefox 52 [3], thus needing to be implemented sometime around late October / early November, 2016.

[2] https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/
[3] https://wiki.mozilla.org/RapidRelease/Calendar
Using NSS in FIPS mode
Hello,

Please let me know if this is not the right place to ask about the following...

I am new to NSS and would like to use it in FIPS mode. I do know about OpenSSL and GnuTLS, both of them having explicit calls to enable FIPS mode. With NSS, so far I have seen that the modutil non-programmatical utility is used to set FIPS mode, as in:

% modutil -force -fips true -dbdir

How does an application assure that NSS is in FIPS mode? Are calls such as sftk_fipsCheck() and sftk_fipsPowerUpSelfTest() in the softtoken module (fipstokn.c) available to applications?

What is the behaviour of NSS if an application tries to use a non-approved algorithm?

Finally, is there any example code out there that uses NSS in FIPS mode?

Any comments, suggestions appreciated, thanks.
Re: Using NSS in FIPS mode
On 01/21/2016 07:33 AM, jonetsu wrote:
> Hello,
>
> Please let me know if this is not the right place to ask about the following...

This is the right place.

> I am new to NSS and would like to use it in FIPS mode. I do know about
> OpenSSL and GnuTLS, both of them having explicit calls to enable FIPS
> mode. With NSS, so far I have seen that the modutil non-programmatical
> utility is used to set FIPS mode, as in:
>
> % modutil -force -fips true -dbdir
>
> How does an application assure that NSS is in FIPS mode?

FIPS is a mode in softoken. Usually when softoken is in FIPS mode, NSS itself is said to be in FIPS mode. The call PK11_IsFIPS() returns true if softoken is in FIPS mode. The dance to do it programmatically is to call SECMOD_DeleteInternalModule(), which toggles the module between FIPS and non-FIPS modes.

> Are calls such as sftk_fipsCheck() and sftk_fipsPowerUpSelfTest() in
> the softtoken module (fipstokn.c) available to applications?

No.

> What is the behaviour of NSS if an application tries to use a
> non-approved algorithm?

Currently NSS does not restrict you from using non-approved algorithms. Officially going to FIPS mode requires the application to turn off any uses of non-FIPS algorithms itself. In the SSL code the SSLCipherSuiteInfo includes an isFIPS bit applications can use to manually turn off non-FIPS algorithms.

> Finally, is there any example code out there that uses NSS in FIPS mode?

Firefox has a button to flip to FIPS mode. For the most part the only issue applications may have in FIPS mode is if the application tries to access key material directly (or if the application doesn't handle authentication well). An example of going into FIPS mode can also be found in the nss source tree under the cmd/modutil directory.

bob

> Any comments, suggestions appreciated, thanks.
Re: Using NSS in FIPS mode
On Thu, 21 Jan 2016, Robert Relyea wrote:
> The call PK11_IsFIPS() returns true if softoken is in FIPS mode.

Oh, I did not know about this one. I guess once we (the application) detect the system is in FIPS mode, we could verify that NSS is as well.

>> Finally, is there any example code out there that uses NSS in FIPS mode?

libreswan uses NSS and supports a FIPS mode.

Paul