Re: Proposal to Remove legacy TLS Ciphersuits Offered by Firefox
On 2013-12-15 02:41, Brian Smith wrote:
> On Sat, Dec 14, 2013 at 4:47 PM, Kosuke Kaizuka cai.0...@gmail.com wrote:
>> little supported, never negotiated cipher
>>
>> One of the largest websites which support Camellia is Yahoo!. Firefox 26
>> or lower uses TLS_RSA_WITH_CAMELLIA_256_CBC_SHA with Yahoo!. In Firefox 27
>> or later, Yahoo! will choose TLS_RSA_WITH_AES_128_CBC_SHA instead, because
>> of the cipher suite order change in Firefox 27.

I'm not sure what you mean with Yahoo!, they have several sites each with
their own settings. Some of them set the preferred order at the server side
and prefer RC4 and so we end up with RC4.

I'm considering if we should also drop support for RC4 on the client side.
At least IE11 on Windows 8.1 doesn't do RC4, but does do 3DES.

Kurt

-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
[ANNOUNCE] NSS 3.15.4 Release
The NSS Development Team announces the release of NSS 3.15.4.

Network Security Services (NSS) 3.15.4 is a patch release for NSS 3.15. The following security-relevant bug has been resolved. Users are encouraged to upgrade immediately.

* Bug 919877 - When false start is enabled, libssl will sometimes return unencrypted, unauthenticated data from PR_Recv

New functionality:

* Implemented OCSP querying using the HTTP GET method, which is the new default, and will fall back to the HTTP POST method.
* Implemented OCSP server functionality for testing purposes (httpserv utility).
* Support SHA-1 signatures with TLS 1.2 client authentication.
* Added the --empty-password command-line option to certutil, to be used with -N: use an empty password when creating a new database.
* Added the -w command-line option to pp: don't wrap long output lines.

New Functions:

* CERT_ForcePostMethodForOCSP
* CERT_GetSubjectNameDigest
* CERT_GetSubjectPublicKeyDigest
* SSL_PeerCertificateChain
* SSL_RecommendedCanFalseStart
* SSL_SetCanFalseStartCallback

New Types:

* CERT_REV_M_FORCE_POST_METHOD_FOR_OCSP: When this flag is used, libpkix will never attempt to use the HTTP GET method for OCSP requests; it will always use POST.

Notable Changes:

* Reordered the cipher suites offered in SSL/TLS client hello messages to match modern best practices.
* Updated the set of root CA certificates (version 1.96).
* Improved SSL/TLS false start. In addition to enabling the SSL_ENABLE_FALSE_START option, an application must now register a callback using the SSL_SetCanFalseStartCallback function.
* When building on Windows, OS_TARGET now defaults to WIN95. To use the WINNT build configuration, specify OS_TARGET=WINNT.

The full release notes are available at
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.4_release_notes

The HG tag is NSS_3_15_4_RTM. NSS 3.15.4 requires NSPR 4.10.2 or newer.
NSS 3.15.4 source distributions are also available on ftp.mozilla.org for secure HTTPS download:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_4_RTM/src/

A complete list of all bugs resolved in this release can be obtained at
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.15.4&product=NSS
Re: Proposal to Remove legacy TLS Ciphersuits Offered by Firefox
On 2014-01-09 06:41, Kurt Roeckx wrote:
> I'm considering if we should also drop support for RC4 on the client side.
> At least IE11 on Windows 8.1 doesn't do RC4, but does do 3DES.

I started a scan of Alexa's top 1 million websites. It's going to take a few
days to have all the results.

So far, 21 out of 1396 websites scanned support neither AES nor 3DES. All of
these sites are high traffic:

lynda.com
priceline.com
adultfriendfinder.com
siteground.com
lacaixa.es
mmotraffic.com
hostmonster.com
elance.com
vine.co
cvs.com
tharunaya.co.uk
directv.com
goal.com
bluehost.com
typepad.com
inbox.com
sprint.com
squarespace.com
justhost.com
123rf.com
hostgator.com

The (partial) results are here: http://4u.1nw.eu/top1m_ciphersuite_scan.tar

I'll do more number crunching once the scan is done. The numbers show that
deprecating RC4 in Firefox would have real impact on big websites. Whether
we think that's a good or bad thing is up for discussion :)

- Julien
Re: Proposal to Remove legacy TLS Ciphersuits Offered by Firefox
On Thu, Jan 09, 2014 at 12:59:40PM -0500, Julien Vehent wrote:
> On 2014-01-09 06:41, Kurt Roeckx wrote:
>> I'm considering if we should also drop support for RC4 on the client side.
>> At least IE11 on Windows 8.1 doesn't do RC4, but does do 3DES.
>
> I started a scan of Alexa's top 1 million websites. It's going to take a few
> days to have all the results.
>
> So far, 21 out of 1396 websites scanned support neither AES nor 3DES.

For all the ones I looked at, they only have RC4 enabled. So I have to
wonder, are those sites that people in general use without SSL? Or does IE11
have some fallback mechanism that enables RC4 if it first fails to negotiate
a protocol?

Kurt
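The two effects discussed in this thread, a client-side reordering changing which suite a server picks (the Camellia-256 to AES-128 switch on Yahoo! between Firefox 26 and 27) and a client dropping RC4 leaving RC4-only servers with no common suite, both fall out of the TLS 1.2 selection rule: the server chooses the first mutually supported suite, walking either its own preference list or the client's. The following is an added illustration written for this page, not NSS or Firefox code, that models that rule and lets a defender evaluate a proposed client offer against a set of server profiles. The suite names are the IANA names quoted in the thread; the two client offers and the three server profiles are constructed examples, not the real Firefox lists or the real configuration of any site named above.

```python
"""Model of TLS 1.2 cipher-suite selection, used to estimate the impact of
changing a client's offered list (example code for the thread, not NSS)."""
from typing import Callable, Dict, List, Optional, Sequence, Tuple

# The suites the thread proposes to stop offering are the RC4 ones.
def is_rc4(suite: str) -> bool:
    return "_RC4_" in suite

# Constructed client offers (not the real Firefox lists).  The "old" order puts
# Camellia-256 ahead of AES-128; the "new" order puts AES-128 first, which is
# the reordering effect the thread describes for Firefox 27.
OLD_CLIENT_OFFER: List[str] = [
    "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
    "TLS_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
]
NEW_CLIENT_OFFER: List[str] = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
    "TLS_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
]

# Constructed server profiles: (suites in the server's preference order,
# whether the server enforces its own order).  Hostnames are placeholders.
SERVERS: Dict[str, Tuple[List[str], bool]] = {
    # Honours the client's order, so the client-side reorder changes the result.
    "camellia-and-aes.example": ([
        "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
        "TLS_RSA_WITH_AES_128_CBC_SHA",
        "TLS_RSA_WITH_RC4_128_SHA",
    ], False),
    # Enforces its own order and prefers RC4, the case Kurt describes.
    "rc4-preferred.example": ([
        "TLS_RSA_WITH_RC4_128_SHA",
        "TLS_RSA_WITH_AES_128_CBC_SHA",
    ], True),
    # Supports neither AES nor 3DES, the 21-of-1396 case from Julien's scan.
    "rc4-only.example": ([
        "TLS_RSA_WITH_RC4_128_SHA",
        "TLS_RSA_WITH_RC4_128_MD5",
    ], True),
}


def negotiate(client_offer: Sequence[str], server_suites: Sequence[str],
              server_order: bool) -> Optional[str]:
    """Return the suite the server selects, or None when there is no overlap
    (in a real handshake that is a handshake_failure alert).

    With server_order=True the server walks its own list and takes the first
    suite the client offered; otherwise it walks the client's list and takes
    the first suite it supports."""
    offered = set(client_offer)
    supported = set(server_suites)
    walk, accept = (server_suites, offered) if server_order else (client_offer, supported)
    for suite in walk:
        if suite in accept:
            return suite
    return None


def without(offer: Sequence[str], drop: Callable[[str], bool]) -> List[str]:
    """Copy of the offer with every suite matching `drop` removed, order kept."""
    return [s for s in offer if not drop(s)]


def survey(client_offer: Sequence[str],
           servers: Dict[str, Tuple[List[str], bool]] = SERVERS) -> Dict[str, Optional[str]]:
    """Map each host to the suite this client offer would negotiate with it."""
    return {host: negotiate(client_offer, suites, order)
            for host, (suites, order) in servers.items()}


def breaks_without_rc4(servers: Dict[str, Tuple[List[str], bool]] = SERVERS,
                       client_offer: Sequence[str] = NEW_CLIENT_OFFER) -> List[str]:
    """Hosts that could no longer complete a handshake if RC4 were dropped."""
    result = survey(without(client_offer, is_rc4), servers)
    return sorted(host for host, suite in result.items() if suite is None)


if __name__ == "__main__":
    for label, offer in (("old order", OLD_CLIENT_OFFER), ("new order", NEW_CLIENT_OFFER),
                         ("new order, no RC4", without(NEW_CLIENT_OFFER, is_rc4))):
        print(label, survey(offer))
    print("would break without RC4:", breaks_without_rc4())
```

Run against real scan data, the same `survey` call answers the question Kurt raises: a host that negotiates RC4 only because the server enforces its own order still works after the client drops RC4 (it falls through to AES), while a host whose list contains nothing but RC4 shows up in `breaks_without_rc4`.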
Bug 479744 - RFE : VIA Padlock ACE support (hardware RNG, AES, SHA1 and SHA256)
Hi, has someone already fixed the bug? Recently, I wanted to add the VIA Padlock hardware AES cipher to the NSS module, but I always make some mistakes.
Re: Bug 479744 - RFE : VIA Padlock ACE support (hardware RNG, AES, SHA1 and SHA256)
On Friday, January 10, 2014 at 11:04:21 AM UTC+8, njut...@gmail.com wrote:
> Hi, has someone already fixed the bug? Recently, I wanted to add the VIA
> Padlock hardware AES cipher to the NSS module, but I always make some
> mistakes.

In the NSS project, I use cipher to test aes_cbc -E and aes_cbc -D. The following is the printed log.

Software AES cipher log:

input is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
output is : 0xa0, 0x92, 0xe0, 0x3b, 0x36, 0x75, 0x1a, 0x25, 0xad, 0xdc, 0x31, 0xa8, 0xda, 0xc3, 0xca, 0x68,
input is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
output is : 0xe9, 0xf2, 0x1a, 0xe4, 0x73, 0xe6, 0xc6, 0x70, 0x98, 0x3c, 0xa7, 0xe1, 0xdb, 0xc0, 0xa9, 0xdf,
Encryption self-test for aes_cbc passed.
cipher.sh: #1: AES CBC Encrypt - PASSED
input is : 0xa0, 0x92, 0xe0, 0x3b, 0x36, 0x75, 0x1a, 0x25, 0xad, 0xdc, 0x31, 0xa8, 0xda, 0xc3, 0xca, 0x68,
output is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
$AES_Decrypt
input is : 0xe9, 0xf2, 0x1a, 0xe4, 0x73, 0xe6, 0xc6, 0x70, 0x98, 0x3c, 0xa7, 0xe1, 0xdb, 0xc0, 0xa9, 0xdf,
output is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
Decryption self-test for aes_cbc passed.
cipher.sh: #1: AES CBC Decrypt - PASSED

VIA hardware AES cipher log:

#encrypt is : 1##
#via padlock ace is available liuwei#
mode is :1
key is :0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x39, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30,
iv is : 0x71, 0x77, 0x65, 0x72, 0x74, 0x79, 0x75, 0x69, 0x6f, 0x70, 0x61, 0x73, 0x64, 0x66, 0x67, 0x68, 0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x39, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30,
###aes_via_InitContext() Success#
Via Encrypt in the via_aes_encrypt inlen: 16blocksize : 16
input is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
output is : 0xa0, 0x92, 0xe0, 0x3b, 0x36, 0x75, 0x1a, 0x25, 0xad, 0xdc, 0x31, 0xa8, 0xda, 0xc3, 0xca, 0x68,
Via Encrypt in the via_aes_encrypt inlen: 16blocksize : 16
input is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
output is : 0xe9, 0xf2, 0x1a, 0xe4, 0x73, 0xe6, 0xc6, 0x70, 0x98, 0x3c, 0xa7, 0xe1, 0xdb, 0xc0, 0xa9, 0xdf,
via_AES_DestroyContext liuwei
Encryption self-test for aes_cbc passed.
cipher.sh: #1: AES CBC Encrypt - PASSED
#encrypt is : 0##
#via padlock ace is available liuwei#
mode is :1
key is :0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x39, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30,
iv is : 0x71, 0x77, 0x65, 0x72, 0x74, 0x79, 0x75, 0x69, 0x6f, 0x70, 0x61, 0x73, 0x64, 0x66, 0x67, 0x68, 0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x39, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x30,
###aes_via_InitContext() Success#
$AES_Decrypt
Via Decrypt in the via_aes_decrypt inlen: 16blocksize : 16
input is : 0xa0, 0x92, 0xe0, 0x3b, 0x36, 0x75, 0x1a, 0x25, 0xad, 0xdc, 0x31, 0xa8, 0xda, 0xc3, 0xca, 0x68,
output is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
$AES_Decrypt
Via Decrypt in the via_aes_decrypt inlen: 16blocksize : 16
input is : 0xe9, 0xf2, 0x1a, 0xe4, 0x73, 0xe6, 0xc6, 0x70, 0x98, 0x3c, 0xa7, 0xe1, 0xdb, 0xc0, 0xa9, 0xdf,
output is : 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
via_AES_DestroyContext liuwei
Decryption self-test for aes_cbc passed.
cipher.sh: #1: AES CBC Decrypt - PASSED

The software-encrypted data and the VIA hardware-encrypted data are the same. But when I execute the NSS module in Firefox, it always makes a mistake: the browser is broken.