David B Hinz wrote, On 2008-09-11 09:13:
We are still encountering the problem detailed below that was described by
Steve over a year ago.
Is there anyone that can provide some insight on how we can solve this
problem?
What happens is that some of our applications must run 24x7 yet the
On 09/17/2008 09:01 PM, Nelson Bolyard:
I wouldn't call it a known issue with Mozilla based products.
It's a requirement of the SSL/TLS specifications.
That's correct.
It's an issue with servers that are not configured to conform to those
specifications.
Right, but as I mentioned elsewhere,
Yes, that's the right solution.
It was, indeed.
Testing it with other browser worked flawlessly, thus the misunderstanding.
Thank you very much,
--
Fabio
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
Francisco Puentes wrote, On 2008-09-17 14:27:
Yes, I know.
Precisely I need RSA to encrypt a buffer to exchange sessions keys (very
small xml document), which will be used to encrypt the session with AES.
So :-) Can NSS encrypt raw data?
With RSA?
NSS was designed around the FIPS 140
Perhaps, Eddy, StartCom's roots were only approved for SSL Certificate
Authority. Did you not include a request for Email or Software
Development bits?
-Kyle H
On Wed, Sep 17, 2008 at 11:11 AM, Eddy Nigg [EMAIL PROTECTED] wrote:
On 09/17/2008 09:01 PM, Nelson Bolyard:
I wouldn't call it a
On Wed, Sep 17, 2008 at 4:52 PM, Eddy Nigg [EMAIL PROTECTED] wrote:
I've been banging my head against a wall here because of this FUD and
about misinformation which is absolutely incorrect. Sad, because there
are many FF users running into it. And it doesn't help to ignore the
fact that web
On 09/18/2008 03:06 AM, Wan-Teh Chang:
It would be nice to contribute a patch for Apache/mod_ssl to validate
its own certificate chain at startup.
Perhaps then you should also offer a patch for IIS ;-)
Ironic as it may sound, but as a matter of fact, Windows servers serve
more secured web
Eddy Nigg wrote, On 2008-09-17 16:52:
There is absolutely no security issue at all with following the AIA CA
Issuer extension, otherwise FF could not use the same extension to find
the OCSP responder URL either. Nevertheless NSS does exactly that...uses
the OCSP URL listed in the AIA
8 matches
Mail list logo