Werner == Werner Koch [EMAIL PROTECTED] writes:
Werner The last time I checked the Mozilla code they used their own crypto
Werner stuff. When did they switched to OpenSSL and how do they solve the
Werner GPL/OpenSSL license incompatibility?
Indeed they do. It is called nss, is available as a
Peter Gutmann wrote:
Victor Duchovni [EMAIL PROTECTED] writes:
While Firefox should ideally be developing and testing PSK now, without
stable libraries to use in servers and browsers, we can't yet expect anything
to be released.
Is that the FF devlopers' reason for holding back? Just
On Thu, 7 Feb 2008 16:37, [EMAIL PROTECTED] said:
I don't have any idea why or why not, but all they can release now is
source code with #ifdef openssl = 0.9.9 ... do PSK stuff ... #endif,
The last time I checked the Mozilla code they used their own crypto
stuff. When did they switched to
Victor Duchovni [EMAIL PROTECTED] writes:
While Firefox should ideally be developing and testing PSK now, without
stable libraries to use in servers and browsers, we can't yet expect anything
to be released.
Is that the FF devlopers' reason for holding back? Just wondering... why not
release it
Frank Siebenlist [EMAIL PROTECTED] writes:
With the big browser war still going strong, wouldn't that provide fantastic
marketing opportunities for Firefox?
There's always the problem of politics. You'd think that support for a free
CA like CAcert would also provide fantastic marketing
On Thu, Feb 07, 2008 at 08:47:20PM +1300, Peter Gutmann wrote:
Victor Duchovni [EMAIL PROTECTED] writes:
While Firefox should ideally be developing and testing PSK now, without
stable libraries to use in servers and browsers, we can't yet expect anything
to be released.
Is that the FF
On Feb 1, 2008, at 9:34 PM, Ian G wrote:
* Browser vendors don't employ security people as we know them on
this mailgroup [...] But they are completely at sea when it comes
to systemic security failings or designing new systems.
I don't know about other browsers, but Mozilla's CSO-type is
Frank Siebenlist [EMAIL PROTECTED] writes:
That's actually a sad observation.
I keep telling my colleagues that this technology is coming any day now to
a browser near you - didn't realize that that there was no interest with the
browser companies to add support for this...
I know of a number
Peter Gutmann wrote:
Frank Siebenlist [EMAIL PROTECTED] writes:
That's actually a sad observation.
I keep telling my colleagues that this technology is coming any day now to
a browser near you - didn't realize that that there was no interest with the
browser companies to add support for
On Wed, Feb 06, 2008 at 09:21:47AM -0800, Frank Siebenlist wrote:
With the big browser war still going strong, wouldn't that provide
fantastic marketing opportunities for Firefox?
If Firefox would support these secure password protocols, and the banks
would openly recommend their
At 09:34 PM 2/1/2008 +0100, Ian G wrote:
* Browser vendors don't employ security people as we know them on this
mailgroup, they employ cryptoplumbers. Completely different layer. These
people are mostly good (and often very good) at fixing security bugs. We
thank them for that! But they
Frank Siebenlist wrote:
Why do the browser companies not care?
I spent a few years trying to interest (at least) one
browser vendor with looking at new security problems
(phishing) and using the knowledge that we had to solve this
(opportunistic cryptography). No luck whatsoever. My view
12 matches
Mail list logo
