NSS bulk encryption algorithm

[Julien Regibeau]

Hello,

I'm using NSS 3.2 and I'd like to know if the bulk encryption algorithm is
Triple DES Three Keys for PKCS #7 and for SSL.

Thanks

Re: Better certificate error messages, button for on-demand OCSPvalidation?

[Julien Pierre]

Hi,

fecund wrote:
 Using Mozilla 1.2 alpha, and having trouble accessing many sites when
 OCSP validation is turned on. The typical error is:
  Error trying to validate certificate from secure3.ingdirect.com
 using OCSP - response contains a date which is in the future. 
 
 What I'd like to see in the above error:
 the site it used to validte said certificate
 the invalid date
 eg:  Error trying to validate certificate from secure3.ingdirect.com
 via www.verisign.com using OCSP - response contains a date
 '99/99/' which is in the future. 
 
 Anyway, I ask the bank and they say that one of my root CAs has
 expired or that my clock is wrong. My clock is correct, so I set about
 trying to debug my certificates.

OCSP works fine with https:/secure3.ingdirect.com here, in Mozilla 1.2 
alpha.

So I think it is indeed your clock. Check your timezone, that is almost 
always the problem.

Re: SSL Implemenation from NSS

[Julien Pierre]

Nimesh Ray wrote:
 Hello,
 
 Can the SSL libraries provided by NSS work on other commercial embedded OSes
 other than Windows and Unix? Does anyone know if this is done, and if any
 issues were found related to this?

It can be done, but your embedded device will need lots of RAM to run NSS.