So I went over the https://wiki.mozilla.org/Security/Server_Side_TLS
article with a bit more attention to detail and I think we should
extend it in few places.
Especially if it is supposed to be also the general recommendation
for servers, not just for ones that are part of Mozilla network.
The
Hello,
I'm trying to use cmsutils from the NSS library to sign content with a
certificate from a smartcard. It works in Thunderbird/Icedove but I can't find
the command that will do the same action. If I try (the mail address has been
redacted):
$ cmsutil -S -i /tmp/txt -o /tmp/sign -d
Hello,
I'm trying to use cmsutils from the NSS library to sign content with a
certificate from a smartcard. It works in Thunderbird/Icedove but I can't find
the command that will do the same action. If I try (the mail address has been
redacted):
$ cmsutil -S -i /tmp/txt -o /tmp/sign -d
On Thu, 2014-10-16 at 20:51 +0200, Kai Engert wrote:
Do you claim that Firefox 34 will continue to fall back to SSL 3 when
necessary?
Yes. If I understand correctly, it seems that Firefox indeed still falls
back to SSL3, even with SSL3 disabled.
I found
Hubert,
On 10/20/2014 05:10, Hubert Kario wrote:
So I went over the https://wiki.mozilla.org/Security/Server_Side_TLS
article with a bit more attention to detail and I think we should
extend it in few places.
Especially if it is supposed to be also the general recommendation
for servers, not
Kai,
What is the purpose of Firefox continuing to do any fallback at all ?
IMO, making a second connection with any lower version of SSL/TLS
defeats the intent of the SSL/TLS protocol, which have built-in defenses
against protocol version downgrade.
Isn't it time this fallback gets eliminated
On Mon, 2014-10-20 at 16:45 -0700, Julien Pierre wrote:
What is the purpose of Firefox continuing to do any fallback at all ?
IMO, making a second connection with any lower version of SSL/TLS
defeats the intent of the SSL/TLS protocol, which have built-in defenses
against protocol version
On Tue, 21 Oct 2014 01:40:45 +0200
Kai Engert k...@kuix.de wrote:
On Thu, 2014-10-16 at 20:51 +0200, Kai Engert wrote:
Do you claim that Firefox 34 will continue to fall back to SSL 3 when
necessary?
Yes. If I understand correctly, it seems that Firefox indeed still falls
back to SSL3,
8 matches
Mail list logo