Re: xmlsec / ECDSA problem

2017-02-18 Thread Peter Bowen
On Wed, Feb 15, 2017 at 9:22 AM, Gervase Markham wrote: > On 15/02/17 17:17, Martin Thomson wrote: >> Sure. Both NSS and Firefox support P-521. We still accept TLS >> handshakes that use it (for both key exchange and signing). I believe >> that it is also supported in

Re: xmlsec / ECDSA problem

2017-02-17 Thread Martin Thomson
On Sat, Feb 18, 2017 at 8:59 AM, Jeremy Rowley wrote: > It's still permitted in the policy. > > https://www.mozilla.org/en-US/about/governance/policies/security-group/certs > /policy/#inclusion Yes, well... The policy says P-512, which doesn't actually exist. The

RE: xmlsec / ECDSA problem

2017-02-17 Thread Jeremy Rowley
Thomson Sent: Wednesday, February 15, 2017 5:06 PM To: mozilla's crypto code discussion list <dev-tech-crypto@lists.mozilla.org> Cc: mozilla-dev-tech-crypto <mozilla-dev-tech-cry...@lists.mozilla.org> Subject: Re: xmlsec / ECDSA problem On Thu, Feb 16, 2017 at 4:22 AM, Gervas

Re: xmlsec / ECDSA problem

2017-02-15 Thread Martin Thomson
On Thu, Feb 16, 2017 at 4:22 AM, Gervase Markham wrote: > Did things break when we disabled it? A few things. It lasted less than a day in Nightly before we got multiple bug reports. > Do we know why Chrome decided not to support it? Two NIST curves is enough? That's my

Re: xmlsec / ECDSA problem

2017-02-15 Thread Gervase Markham
On 15/02/17 17:17, Martin Thomson wrote: > Sure. Both NSS and Firefox support P-521. We still accept TLS > handshakes that use it (for both key exchange and signing). I believe > that it is also supported in webcrypto. > > I believe that Chrome doesn't support P-521 in TLS. We tried to >

Re: xmlsec / ECDSA problem

2017-02-15 Thread Martin Thomson
On Thu, Feb 16, 2017 at 3:44 AM, Gervase Markham wrote: > There seemed to be some confusion recently in m.d.s.policy about whether > NSS, and then Firefox, supported P-521 for server auth certs. Can > someeone clear it up for me and tell me what the situation is? :-) Sure.

Re: xmlsec / ECDSA problem

2017-02-15 Thread Martin Thomson
On Wed, Feb 15, 2017 at 7:59 PM, Miklos Vajna wrote: > To avoid solving multiple problems at once, probably I'll go for an > other ECDSA testcase first where the parameter is supported by NSS. :-) The best supported curve is P-256 (i.e., secp256r1), but P-384 (secp384r1) and