On 5/13/10 3:32 PM, Nelson B Bolyard wrote:
On 2010-05-13 14:30 PST, Kathleen Wilson wrote:
Is there an NSS environment variable that can be set such that a warning
is provided when a 1024-bit cert is used in Firefox?
No. Any NSS environment variable would disable a feature completely, not
result in it causing a warning. Any variable or preference that results
in a warning would be a PSM feature, not an NSS feature.
My understanding is that if someone were to try to use a 512-bit cert in
Firefox they would get a warning message to the effect that the
connection is not secure, but the user can click to continue.
PSM feature.
My hope is that there is an NSS environment variable that can be set so
that the same sort of warning will get displayed when a 1024-bit cert is
used.
If any such feature exists, it is a PSM feature. It is more likely to be
controlled by a "hidden preference" than an environment variable.
If there is such an environment variable, please let me know the exact
usage so that I can communicate this to CAs for testing purposes.
I will greatly appreciate help with this. Kathleen
You're welcome.
Thanks, Nelson. I appreciate the info.
Of course, the followup question for folks familiar with PSM...
Is there a hidden preference (or other capability) in the PSM that can
be set to make my Firefox browser display a warning when a 1024-bit cert
is used? e.g. similar to what happens when a 512-bit cert is used.
Thanks,
Kathleen
--
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
