Re: Road to RC4-free web (the case for YouTube without RC4)

- Original Message - From: Brian Smith br...@briansmith.org To: mozilla's crypto code discussion list dev-tech-crypto@lists.mozilla.org Sent: Thursday, 10 July, 2014 3:02:34 AM Subject: Re: Road to RC4-free web (the case for YouTube without RC4) On Wed, Jul 2, 2014 at 5:08 AM,

Re: Road to RC4-free web (the case for YouTube without RC4)

On Tue, Jul 1, 2014 at 11:58 PM, Brian Smith br...@briansmith.org wrote: I am interested in discussing what we can do to help more server side products get better cipher suites by default, and on deciding whether we add support for ChaCha20-Poly1304 Out of curiosity, what's holding back a

Re: Road to RC4-free web (the case for YouTube without RC4)

- Original Message - From: Brian Smith br...@briansmith.org To: mozilla's crypto code discussion list dev-tech-crypto@lists.mozilla.org Cc: mozilla-dev-tech-cry...@lists.mozilla.org Sent: Thursday, 10 July, 2014 2:40:55 AM Subject: Re: Road to RC4-free web (the case for YouTube

Re: Road to RC4-free web (the case for YouTube without RC4)

On 2014-07-10 13:53, Henri Sivonen wrote: On Tue, Jul 1, 2014 at 11:58 PM, Brian Smith br...@briansmith.org wrote: I am interested in discussing what we can do to help more server side products get better cipher suites by default, and on deciding whether we add support for ChaCha20-Poly1304

ChaCha20-Poly1305 in Gecko/Firefox (was Re: Road to RC4-free web (the case for YouTube without RC4))

On Thu, Jul 10, 2014 at 4:53 AM, Henri Sivonen hsivo...@hsivonen.fi wrote: On Tue, Jul 1, 2014 at 11:58 PM, Brian Smith br...@briansmith.org wrote: I am interested in discussing what we can do to help more server side products get better cipher suites by default, and on deciding whether we

Curve25519 and/or Curve41417 and/or Alternatives in Gecko/Firefox (was Re: Road to RC4-free web (the case for YouTube without RC4))

On Thu, Jul 10, 2014 at 5:33 AM, Kurt Roeckx k...@roeckx.be wrote: [snip] An other alternative is using curve25519. It's also not standardized yet, but at this time it seems more likely to be standardized first. Thanks for bringing up curve25519. I'd like to share a recent paper written by

Re: Curve25519 and/or Curve41417 and/or Alternatives in Gecko/Firefox (was Re: Road to RC4-free web (the case for YouTube without RC4))

On Thu, Jul 10, 2014 at 09:57:56AM -0700, Brian Smith wrote: On Thu, Jul 10, 2014 at 5:33 AM, Kurt Roeckx k...@roeckx.be wrote: [snip] An other alternative is using curve25519. It's also not standardized yet, but at this time it seems more likely to be standardized first. Thanks for

Re: Road to RC4-free web (the case for YouTube without RC4)

On Thu, Jul 10, 2014 at 5:00 AM, Hubert Kario hka...@redhat.com wrote: - Original Message - From: Brian Smith br...@briansmith.org snip However, it is likely that crypto libraries that make the two changes above will also have support for TLS_ECDHE_*_WITH_AES_*_GCM cipher suites too.

Re: Curve25519 and/or Curve41417 and/or Alternatives in Gecko/Firefox (was Re: Road to RC4-free web (the case for YouTube without RC4))

On Thu, Jul 10, 2014 at 7:35 PM, Kurt Roeckx k...@roeckx.be wrote: I would like to hear what others think about this, including what people think Gecko should do. I think it looks promosing. But like the paper indicates it needs time for other people to review it before it's going to see any

Re: ChaCha20-Poly1305 in Gecko/Firefox (was Re: Road to RC4-free web (the case for YouTube without RC4))

On Thu, Jul 10, 2014 at 6:41 PM, Brian Smith br...@briansmith.org wrote: So, what initially looked like a minor amount of effort turned into a more significant effort. If there is somebody interested in taking this on, I would be very happy to help them with it. Are there bugs, with some

Re: NSS Custom Crypto Module

Thanks,i would ready the documentation. Can i extend/modify the NSS internal pkcs#11 source (softokn3.dll source) to achieve my requirement? Or it is meant only internal usage. If it can be used as starting point then which methods should i override? -- View this message in context: