Rich Megginson wrote: > On 10/03/2012 10:18 AM, Howard Chu wrote: >> Thanks for your comments, Rich.
>>> Maybe we could use nss_compat_ossl to do the mapping of cipher names >>> from openssl to moznss? >> >> That makes sense to me, although if as you say it hasn't been actively >> maintained, that sounds like another problem. But certainly if other >> apps are using it, then aren't they going to want new cipher suite >> support too? >> > Yes, and imho nss_compat_ossl is the place to do this. > > But, would it be possible to update the cipher suite list in tls_m.c > first, to bring it up to date, then work on updating the compat library? I discussed this with Kurt; the Project's policy on issues like this in the past has been not to commit any backward-compatibility fixes of this sort until the real fix has already been released. I.e., we should wait until nss_compat_ossl has been updated. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
