Martin,
Martin Paljak wrote:
This is because currently tokens are used for low level internet pipe
things in the form of SSL/TLS. It is impossible to bring those network
level events to the UI level, and it would not make much sense either.
NSS allows the password prompting callback to be
Rich,
Rich Megginson wrote:
I've been looking at the problem of different libraries/different
clients each with their own private key/cert db in a single process (for
example, the Thunderbird ldap/nss_ldap problem). In this case, the user
may want nss_ldap to keep its certs and keys
John,
John Smith wrote:
Hi:
I downloaded the NSS 3.12.3 and NSPR 4.7.4 source code and was running
the provided test suite. However, test #537 (part of Cache CRL SSL
Client Tests) gets stuck (all previous tests pass according to
results.html), and I have to kill the test process. The last
Nelson B Bolyard wrote:
dave davesons wrote, On 2009-04-03 06:22 PDT:
If you import an updated version of a CRL in mod_nss and you make use of
the same nickname:
* Is it necessary to restart the web server for mod_nss to take it into
account?
* Does mod_nss still remember the old CRL?
Dave,
Hi,
ksreedha...@gmail.com wrote:
Hi Julien,
I am running this on CentOS 5. This is part of the Java Server. Where
should I see the core file. I didn't find one. I searched entire file
system for the core
What would be the file name.
I know nothing about CentOS - I had never even heard of it
Nelson,
Nelson B Bolyard wrote:
Eddy Nigg wrote, On 2009-03-23 08:30:
On 03/23/2009 06:29 AM, Nelson B Bolyard:
1) When the user downloaded his new email cert in his browser, he didn't
get the full chain, but only got his own cert. So, he didn't have the
complete cert chain in his browser
NZzi,
NZzi wrote:
Nelson B Bolyard wrote:
DanKegel wrote, On 2009-03-15 11:50:
I'm looking at memory leaks, starting with the simple test program
#include ssl.h
#include stdio.h
int main()
{
NSS_NoDB_Init();
NSS_Shutdown();
For leak testing, there's one more important call to be
Dave,
Yes, I did some benchmarks many years ago when I worked on the CRL cache.
I was using a 26 MB CRL, and it was about 1 million revoked certs I believe.
The RAM usage is significant, I think you can count on about 4-6x the
size of the CRL. A CRL of that size may be OK on today's machines.
Eddy,
Eddy Nigg wrote:
Once when I was naive enough and clicked for unsubscribe I've got ten
times the amount of spam (since I just confirmed to them that I've read
it and the account is real) until I closed the account altogether. Bad
idea, no trust relationship exists in this respect.
Wan-Teh Chang wrote:
2009/3/10 marcelino jr esguerra marcelinoesguerr...@gmail.com:
i have these:
mozilla/nsprpub
mozilla/dbm
mozilla/security/nss
mozilla/security/coreconf
mozilla/security/dbm
i downloaded the MozillaBuildSetup-1.3.exe and installed it.
i use the start-msvc9.bat and went
Nelson,
Nelson B Bolyard wrote:
This is probably a policy question, but: are we willing to accept CAs
that use CRLs that we cannot parse?
It seems to me that the answer should be the same as for all other
subordinate CAs that exist today, over which the Mozilla foundation has
no control,
David,
David Stutzman wrote:
Jean-Marc Desperrier wrote:
You *obviously* never had to handle this CRL :
http://onsitecrl.certplus.com/DIRECTIONGENERALEDESIMPOTSDIRECTIONGENERALEDESIMPOTSUSAGER/LatestCRL
Java programs just can't take it up. And J2EE is by far the most
popular application
Ian,
Ian G wrote:
On 31/1/09 03:56, Kyle Hamilton wrote:
The PKIX standard can deal with problems of this extent.
If an implementation of the standard cannot, then the implementation
is nonconforming, and cannot be expected to interoperate.
Do you mean, an implementation should be able to
Wan-Teh,
Wan-Teh Chang wrote:
On Tue, Jan 27, 2009 at 9:56 PM, alex.agra...@gmail.com wrote:
Hi,
I wonder if someone could clear to me the status of NSS FIPS-140
certification on SPARC Solaris 10. According to
https://wiki.mozilla.org/FIPS_Validation
the latest certified NSS crypto module
Ian,
Ian G wrote:
On 26/1/09 19:43, Jean-Marc Desperrier wrote:
About Apache, it seems the potential problem is more with OpenSSL, it
will not enable SHA-2 by default if you only enable the default
algorithms for SSL.
But I think most people choose instead to initialize all the algorithms
Jean-Daniel,
Jean-Daniel wrote:
In fact, I do not directly use the OpenSSL generator, I'm using the
CDSA keygen API and it returns a PKCS1 public key and a PKCS8 private
key.
After that, I can decode the public key using SEC_ASN1DecodeItem with
the SECKEY_RSAPublicKeyTemplate and I can use
Jean-Daniel,
Jean-Daniel wrote:
Everything is green.
Great !
The new asm file does not try to determine at runtime if SSE2 is
present, but it does it at compile time.
By default the Apple GCC version defines __SSE2__, so the default is to
use it on Mac.
And as mentioned before, all supported
Jean-Daniel,
Jean-Daniel wrote:
Since the death of OpenDarwin, I think the only Darwin stand alone
project is PureDarwin.
But there is not yet a stable version. And in the list of required
processors, all listed processors have SSE2.
http://www.puredarwin.org/users/prerequisites
Theoretically
Jean-Marc Desperrier wrote:
Now did we not receive promises by the CAs that they were *actively*
working to solve the problem and get all sites to replace their cert ?
I don't know.
Have any of those certs been revoked ?
___
dev-tech-crypto mailing
Jean-Daniel,
Jean-Daniel wrote:
I did another simple test that calls SECKEY_CreateRSAPrivateKey() in a
loop and then calls the OpenSSL equivalent to compare both functions.
NSS does not perform as badly as I first thought, but it remains slower
than what I expect on a modern machine.
See the
Nelson,
Nelson B Bolyard wrote:
Julien R Pierre - Sun Microsystems wrote, On 2009-01-21 15:03:
You are running Darwin, and freebl does not have any optimizations for
RSA on darwin. It has some assembly optimizations on most other x86
platforms. But on Darwin, freebl is built with plain C
Jean-Daniel,
Jean-Daniel wrote:
Another possible reason is if you are comparing 32-bit NSS vs 64-bit
OpenSSL binaries. Regardless of assembly optimizations. The 64-bit code
is always a lot faster, even without optimizations.
Of course, but as my test exec is linked against both libraries, so that
Paul Hoffman wrote:
At 3:45 PM -0800 1/21/09, Nelson B Bolyard wrote:
Perhaps Mozilla should change its policy to require CAs to revoke certs
when the private key is known to be compromised, whether or not an attack
is in evidence, as a condition of having trust bits in Firefox.
Fully agree.
Rob,
Rob Stradling wrote:
If there existed a standardized certificate extension in which a CA could put
additional signatures using different algorithms, do you think you'd consider
adding support for it to NSS? If yes, might you do this before it was widely
supported by CAs, or do you think
Gervase,
Gervase Markham wrote:
Ben Bucksch wrote:
I propose to announce that we'll stop supporting MD5 in 3 months, and
ask website owners to get new certs.
On the basis of any known risk?
The current attack requires the attacker to be able to get a cert signed
for a key they control. If
Jean-Marc,
Jean-Marc Desperrier wrote:
Julien R Pierre - Sun Microsystems wrote:
[...]
I think many CAs will keep the serial numbers of expired certs on
their CRLs for a few years after expiration. But I don't think most
do that indefinitely. One big problem is that there is currently no
way
Eddy,
Eddy Nigg wrote:
On 01/13/2009 12:37 AM, Julien R Pierre - Sun Microsystems:
I agree. The person who wrote that page must have misunderstood the
meaning of the CRL Issuing Distribution Points extension. This extension
is required to be critical in RFC 3280 and 5280 for good reason
Ben,
Ben Bucksch wrote:
On 09.01.2009 03:56, Julien R Pierre - Sun Microsystems wrote:
Of course, when it comes to audio and video chat, part of the very
data that's being transferred can serve to authenticate the other
party (voice print, video), somewhat reducing the need for
transport
Ian,
Ian G wrote:
If you follow the KCM logic, you would have to give an application
warning, which is completely unwarranted under current standards.
If the new cert is unauthentic, then it would cause some form of alert
that would be entirely warranted. Currently, a false cert will
Ian,
Ian G wrote:
Yes, the writing is on the wall for SHA-1 as well, and has been since
2005 or so.
February 2005, here's my blog posts.
https://financialcryptography.com/mt/archives/000374.html
https://financialcryptography.com/mt/archives/000357.html
Eddy,
Eddy Nigg wrote:
On 01/09/2009 03:41 AM, Julien R Pierre - Sun Microsystems:
FYI, if a certificate is expired, NSS won't even bother performing a
revocation check on it, either CRL or OCSP.
Are you sure?
Yes. The validity check is one of the earliest ones that happens on the
cert
Ben,
Ben Bucksch wrote:
Our CAs would not be allowed to do that. It's fairly trivial to keep the
whole list.
It's not going to grow over a Gigabyte, any MySQL could do that.
Including the replication to have it redundant.
Certainly it's trivial, but not inexpensive especially on large
Eddy,
Eddy Nigg wrote:
On 01/09/2009 10:20 PM, Julien R Pierre - Sun Microsystems:
Well, we'll just have to agree to disagree :) IMO revocation really
doesn't matter if you already know the certificate is invalid at the
time you are checking it. It's like trying to check a dead person's
pulse
Eddy,
Eddy Nigg wrote:
On 01/09/2009 12:15 AM, Nelson B Bolyard:
It requires that CAs NEVER forget about any certs they previously
issued, not even after they expire. It means that a CA's list of revoked
certs will grow boundlessly. It makes CRLs become impractically big.
Well...StartCom
Ben,
Ben Bucksch wrote:
With OCSP, it's not a problem anymore, because the question is "is
*this* cert still valid?" not "tell me all revoked certs".
No, the question OCSP asks is not that. It is "is this cert revoked, as
of the current date?"
Note that OCSP does not allow revocation checks
Ian,
Ian G wrote:
Nelson's point was that CRLs become unbounded; but that's not a problem
(a) if there are no disputes or (b) in an OCSP world. Pick (a) or (b).
Uh ?
In case a, even if there are no disputes, the CRL consumers all have to
update the ever-growing CRLs. This can consume
Ian,
Ian G wrote:
On 8/1/09 21:12, Eddy Nigg wrote:
On 01/08/2009 09:58 PM, Ben Bucksch:
On 08.01.2009 14:46, Johnathan Nightingale wrote:
- All of this would be better with KCM, which is why I filed this bug
to discuss the possibility.
https://bugzilla.mozilla.org/show_bug.cgi?id=kcm
Ian,
Ian G wrote:
On 8/1/09 23:35, Eddy Nigg wrote:
On 01/08/2009 11:44 PM, Ian G:
Well, what Firefox does is cert-exception-click-thru-ordeal; whereas
people are asking for key-continuity-management, with perhaps the
emphasis on the last word.
Well, is it then an endorsement for
Ben,
Of course, when it comes to audio and video chat, part of the very data
that's being transferred can serve to authenticate the other party
(voice print, video), somewhat reducing the need for transport-level
authentication ... This doesn't prevent interception of course, but at
least
Paul Hoffman wrote:
At 12:11 AM +0100 1/4/09, Jan Schejbal wrote:
Why is this relevant to this mailing list?
Because there was a security failure in one of the Firefox trusted CAs allowing
anyone to get fake certificates. This event and the reaction of the CA are
important to determine if
Paul,
Paul Hoffman wrote:
At 1:35 PM -0800 1/5/09, Wan-Teh Chang wrote:
On Sun, Jan 4, 2009 at 12:32 PM, Paul Hoffman phoff...@proper.com wrote:
I propose that Mozilla form a new mailing list, dev-policy-trustanchors. The
topics for that list would include:
- All new trust anchors being
Paul,
Paul Hoffman wrote:
It seems to me also that a self-signed certificate marked as a trust anchor,
ie. a root, probably shouldn't have an AIA extension.
Wait. No kind of certificate is marked as a trust anchor. I assume you probably mean
root as in a self-signed cert with the CA bit
Kyle,
Kyle Hamilton wrote:
On Wed, Dec 24, 2008 at 2:46 PM, Eddy Nigg eddy_n...@startcom.org wrote:
On 12/25/2008 12:36 AM, Kyle Hamilton:
To be honest, Mozilla doesn't distribute keytool with Firefox, which
means that I have to try to go into the (unbatchable) interface and
remove the flags
Kyle,
Kyle Hamilton wrote:
I am minded of the CRL entry reason "remove from CRL". Does NSS
properly handle that reason-code?
The reason code "remove from CRL" is only applicable to delta CRLs. In
addition, this is only allowed if the certificate had the status of "on
hold" in the base CRL. You
Paul,
Paul Hoffman wrote:
3) A corollary of (2): Even when parent == grandparent, and hence parent
is also a sibling, it's not generally true that you can use the OCSP URL
from the parent to check the OCSP status of a child.
All of that is true (and is true for CRLs, I believe), but it is
Anders,
Anders Rundgren wrote:
IM[NS]HO, S/MIME encryption using PKI is one of the biggest security
farces ever. Even the use-case is often wrong. Somebody representing
e-Health
once described for a big audience how S/MIME encryption could be used
to exchange private medical information
Michael,
Michael Ströder wrote:
Anders Rundgren wrote:
IM[NS]HO, S/MIME encryption using PKI is one of the biggest security
farces ever.
I don't see why.
Regarding the guide, I believe that e-mail encryption would be fairly
common
if it had been (generally) based on using a shared secret,
Nelson,
Nelson B Bolyard wrote:
Two years ago this week, John Smith wrote to us:
When I sign using keytool.exe version 3.10 it signs OK,
When I sign using keytool.exe version 3.11 it throws this error:
using certificate directory: C:\Documents and
Settings\myusername\Application
Kyle,
Kyle Hamilton wrote:
Should there be a check to make sure that disparate sites aren't using
the same public key modulus/exponent?
That would be fairly hard to implement reliably.
Currently, we don't persist end-entity certs of web sites in general in PSM.
Even if we did, what is the
Kyle,
Kyle Hamilton wrote:
So, essentially, what you're saying is that it was a targeted attack
against a user, instead of an attack targeted against a server?
Apparently, keeping track of keys in certificates placed individually
into NSS might be a good idea regardless.
The attacker
Ian,
Ian G wrote:
Is there any reason why the message cannot be delivered by the
current channels? CRL, OCSP?
Yes, there is one : the fact that trust anchors are specifically
excluded from CRL and OCSP revocation checking in PKIX standards.
In other words, no PKIX-compliant software,
Kyle,
Kyle Hamilton wrote:
I think we all understand that the basic concept of a root-signed
self-revocation is workable, in principle, at the information level.
There may be substantial implementation questions...
There are those who don't think so, since the operations defined at
the Root
Eddy,
Eddy Nigg wrote:
- software that uses NSS but isn't a product of Mozilla
Those products have to figure out where they pick up NSS.
Various vendors have come up with different solutions.
Both Sun and Red Hat have integrated NSS into the OS, and you can get
the NSS libraries
Gervase,
Gervase Markham wrote:
Julien R Pierre - Sun Microsystems wrote:
If the root could revoke itself, in the case of root cert key
compromise, ie. the root cert's private key becoming public, anybody
could then sign revocation information for that root CA - whether to
mark it revoked
Paul,
Paul Hoffman wrote:
Updating software with a new root module is a lot simpler. Of course that
process has its own set of security issues as well.
It also doesn't work for users who are using a different root module. Barely traceable
management action != open message protocol.
True.
Eddy,
Eddy Nigg wrote:
Updating software with a new root module is a lot simpler. Of course
that process has its own set of security issues as well.
Besides that, one of the problems is, how to reach each and every
software (including older or non-updated or smaller ones).
I think
Nuno,
nponte wrote:
Hi Julien,
Thanks for your reply.
Is there any ticket filed in bugzilla where I can track
developments on this issue?
Regards,
Nuno
Yes. See bugzilla 133191. Also 321755 is related.
Kyle,
Kyle Hamilton wrote:
On Mon, Oct 20, 2008 at 5:31 PM, Julien R Pierre - Sun Microsystems
[EMAIL PROTECTED] wrote:
If the root could revoke itself, in the case of root cert key compromise,
ie. the root cert's private key becoming public, anybody could then sign
revocation information
Eddy,
Eddy Nigg wrote:
Ian G:
Ah, ok, excellent, that helps with the big question: Can we
conclude from this that roots cannot be revoked by means of the
OCSP/CRL channel?
No, because it depends on the application and library implementing it I
think. Apparently it's correct for NSS.
Now
Ian,
Ian G wrote:
Nelson Bolyard wrote:
Frank Hecker wrote:
However there still appears to be an open question as to whether having an
AIA extension with OCSP URL in the Microsec root certificate will cause a
problem with NSS. (Nelson wrote that he was going to investigate this, but I
don't
Claes,
Claes Jakobsson wrote:
Hi,
I'm writing a test-case for the Perl bindings that basically is just
server from SSLsample. However when I try to connect to it I get an
assertion failure: PR_Assert (s=0x86d2c numPresent 0 || numEnabled
== 0, file=0x86ced ssl3con.c, ln=670). My NSS
Matthews, Tim R wrote:
Hi All. I hope this is an acceptable question for this list; I’ve
searched google and the archives and not found an answer.
We use Remedy ARS (helpdesk ticketing system) and are migrating to
Microsoft ADAM (LDAP) using TLS for encryption. I am responsible for
Subrata,
Subrata Mazumdar wrote:
Wan-Teh Chang wrote:
On Sat, Sep 27, 2008 at 12:17 PM, Nelson B Bolyard
[EMAIL PROTECTED] wrote:
Subrata Mazumdar wrote, On 2008-09-27 06:33:
Actually, the problem is even worse - some of the applications use
unencrypted private key
David,
David Sadler wrote:
however, when I enter the failing condition
wget https://localhost
--10:02:50-- https://localhost/
= `index.html.5'
Resolving localhost... 127.0.0.1, ::1
Connecting to localhost|127.0.0.1|:443... connected.
Unable to establish SSL connection.
I
Kyle,
Kyle Hamilton wrote:
There's another, more pressing issue:
If there are buffer overflows in ASN.1 parsing (there have been in at
the least OpenSSL and Microsoft's), anyone who can provide a
certificate that points to an AIA that ultimately wouldn't be trusted
could provide malicious
Eddy,
Eddy Nigg wrote:
Julien, can we assume that by trying to construct a valid chain up to a
trusted root - even by fetching intermediate CAs via the AIA CA Issuer
extension - doesn't present a risk we can not take? During this
discussion I've found that only a very minimal privacy
Kyle,
Kyle Hamilton wrote:
Mary and Mallory may not be the same control.
Mary has a site with a cert with AIA. Mallory can take control over
that location for the AIA, without Mary being able to do a thing to
stop it.
If Mallory was able to replace Mary's cert with a fake one, then they
If you are using cygwin, you must use all cygwin tools, including
cygwin's make.exe . You can't use the make / gmake from moztools in
conjunction with a cygwin setup.
[EMAIL PROTECTED] wrote:
Hi, I need to build just the root certificate module for NSS on
windows. I followed the build
David,
David Sadler wrote:
I believe we have a debug build. Any idea why there is no log data?
You should double check that you really do have debug builds, for both
NSPR and NSS bits. The behavior you describe is consistent with not
having a debug build.
One quick way to check that debug
Wan-Teh Chang wrote:
68 MOZ_OBJFORMAT := $(shell test -x /usr/bin/objformat && /usr/bin/objformat || echo elf)
69
70 ifeq ($(MOZ_OBJFORMAT),elf)
71 DLL_SUFFIX = so
72 else
73 DLL_SUFFIX = so.1.0
74 endif
Let's focus on line 68. On your FreeBSD 7.0
Samrat,
Where are you pulling those symbols from ?
They are not part of NSS .
samrat saha wrote:
hi all,
i am having some problem with bn_mul_add_words, my gprof profiling shows
it is very cpu intensive. can we optimize it for the windows version.
below is my gprof call graph.
index %
Michael,
Michael Kaply wrote:
Some more test info.
I put everything (dylibs, executables) into usr/local/bin
certutil works
pk12util works (although I get the extra thawte that we talked about
earlier)
signtool fails with:
signtool: function failed: Failure to load dynamic
Mike,
Michael Kaply wrote:
For the record, everything works fine with an NSS 3.12 that I built on
my machine.
So I don't know if it is an NSS 3.11 problem (which might be the case
since other people have reported it) or a problem with darwin ports
(which I doubt)
Mike Kaply
There
Generally the most useful information is in bugzilla.
From reading
https://bugzilla.mozilla.org/show_bug.cgi?query_format=specific&order=relevance+desc&bug_status=__open__&id=427715
it appears the bug is still open.
Ruchi Lohani wrote:
Hi,
Is the bug filed with number 427715 fixed. The
Nelson,
Nelson B Bolyard wrote:
Momcilo Majic wrote, On 2008-08-25 23:40:
Hi you were correct, the trust was designated as Pu,Pu,Pu. Still
- NSS is 3.12 built on Windows XP, VS2003 + MozillaBuild
OK, In that case, it sounds like a definite bug.
Note that he patched ecl-curve.h to remove
Michael,
Michael Ströder wrote:
Wan-Teh Chang wrote:
Most NSS-based server applications open the NSS databases in
read-only mode, so they can run with multiple processes safely. But
client applications such as Firefox and Thunderbird open the NSS
databases in read-write mode.
According
Howard,
Howard Chu wrote:
Did any of those FIPS audits red-flag the above code snippet?
Of course not.
You seem to be mistaken about the purpose and scope of FIPS140 validation.
Only cryptographic code needs to be validated. The libnss initialization
code is not cryptographic code, and thus
Bob,
Robert Relyea wrote:
SECMOD_OpenUserDB() will open new database slots in the internal
database module.
Unfortunately, those additional DBs can't be manipulated separately.
This is particularly a problem for trust.
Nelson,
Nelson Bolyard wrote:
Julien R Pierre wrote on 2008-08-12 16:53 PDT:
Robert Relyea wrote:
SECMOD_OpenUserDB() will open new database slots in the internal
database module.
Unfortunately, those additional DBs can't be manipulated separately.
huh?
- key gens can be done in each
Eddy,
Eddy Nigg wrote:
Neither Apache nor IIS do that AFAIK.
I believe the Netscape/iPlanet/Sun web server does at least log a
warning when the server comes up if the cert cannot be verified, for
example, because of a missing intermediate.
However, if the intermediate cert was installed,
Nelson,
Nelson B Bolyard wrote:
Right now there is no such callback available in NSS' libssl to do what
you want.
Maybe I misunderstand the request, but I believe that libSSL offers exactly
what Rainer has requested.
The way I read it, he wanted to do some custom authentication which I
Eddy,
Eddy Nigg (StartCom Ltd.) wrote:
The page says: One noteworthy detail are the issuer and serial number
fields, those most be provided in their encoded form (*as stored in the
certificate*) and transformed to base64.
What does that mean? Is it HEX like 0x0 or 0 or the binary value
82 matches