On Wed, Mar 3, 2010 at 4:05 AM, Jean-Marc Desperrier <jmd...@gmail.com> wrote: > > TLS depends on the cipher-suites, and fortunately it's not hard-coded. > > Unfortunately, the first cipher suites using SHA256 are the one defined in > TLS1.2 (RFC5246), and I believe the support for this RFC is still not > included by NSS. > > It would not be a lot of work to implement at least > TLS_RSA_WITH_AES_128_CBC_SHA256 , TLS_RSA_WITH_AES_256_CBC_SHA256 , > TLS_DH_RSA_WITH_AES_128_CBC_SHA256 , TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 as > it would just mean replacing SHA1 with SHA256 wrt the equivalent SHA1 > suites, but it has not been done yet. I think an external contributor could > do it.
Yes. Would you be interested in working on this? I found an existing request for TLS 1.2 in Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=480514 Wan-Teh -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
