On Friday, 1 December 2017 17:11:56 CET Ryan Sleevi wrote: > On Fri, Dec 1, 2017 at 10:23 AM, Hubert Kario <[email protected]> wrote: > > and fine for NSS too, if that changes don't have to be implemented in next > > month or two, but have to be implemented before NSS with final TLS 1.3 > > version > > ships > > Is there a reason not to disable RSA-PSS support in NSS for certificate > signatures until that time?
yes, disabling it without disabling RSA-PSS support in TLS (and thus TLS 1.3 in its entirety) is non-trivial and not possible with current code base > The argument in favor is that this would be a known-buggy implementation > (as already demonstrated by the parameter decoder) > The argument against is that, in addition to rejecting definitely-bad > certs, it would reject definitely-good certs, and thus would limit the > ability to test TLS1.3's experimental implementation. I don't think NSS does reject good certs, can you provide example of such a certificate? -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
