Re: MITM in the wild

2008-10-18 Thread Steffen Schulz
On 081018 at 20:30, Nelson B Bolyard wrote: > FF3 had utterly failed to convey to her any understanding that she was > under attack. The mere fact that the browser provided a way to override > the error was enough to convince her that the errors were not serious. I find it amazing that someone sh

Re: NSS implementation of TLS-PSK/ RFC 4279

2008-10-17 Thread Steffen Schulz
On 081014 at 23:45, Ian G wrote: > > No. There are no plans to include any PSK cipher suites in NSS. > > Because of the enormous potential for PSK cipher suites to be misused by > > application developers, there is strong resistance to incorporating them > > into NSS. > > Nelson, I'm fascinated b

Re: Comment on tls-srp enhancement?

2007-12-16 Thread Steffen Schulz
On 071216 at 01:50, Nelson Bolyard wrote: > Steffen Schulz wrote, On 2007-12-12 10:34: > > On 071209 at 03:55, Nelson Bolyard wrote: > >> If FF doesn't have any built-in UI for SRP, I think I have a harder time > >> justifying the inclusion of SRP in NSS. I think i

Re: Comment on tls-srp enhancement?

2007-12-13 Thread Steffen Schulz
Hi, On 071213 at 16:30, Michael Ströder wrote: > Steffen Schulz wrote: > > SRP is a great protocol also for authentication against your email > > provider or WLAN[1] access point. > > [..] > > That said, I agree that web-authentication is the major use case for > >

Re: Comment on tls-srp enhancement?

2007-12-12 Thread Steffen Schulz
On 071209 at 03:55, Nelson Bolyard wrote: > If FF doesn't have any built-in UI for SRP, I think I have a harder time > justifying the inclusion of SRP in NSS. I think it's a feature that > would be included exclusively for use in the browser, so if the browser > can't use it "out of the box", ther

Re: Comment on tls-srp enhancement?

2007-12-07 Thread Steffen Schulz
On 071208 at 01:25, Nelson Bolyard wrote: > In your case, you have attached a patch, and (I gather) you're seeking > review of the patch (a necessary precursor to commitment). Bugzilla has > a way to mark a patch with a review request. Doing so causes that > patch to appear on some reviewers queu

Comment on tls-srp enhancement?

2007-12-07 Thread Steffen Schulz
Hi all, I was hoping for some feedback on bug 405155, which adds support for TLS-SRP. Are the core devs that busy right now? (I also thought subscribing to this list would enable me to follow the current development around nss/psm. Do you just use bugzilla?) regards, steffen -- Bildet Olsenb

Re: Need NSS test help from an Intel-Mac user/developer

2007-10-01 Thread Steffen Schulz
Hi, I suppose you were talking about OSX on Intel/Mac. I compiled nss 3.11.4 from cvs, output is attached. /steffen PS: The other mail I sent today can be safely ignored, picked the wrong one out of the postponed messages queue.. On 071001 at 04:35, Nelson B wrote: >https://bugzilla.

Re: Question for Nelson Bolyard

2007-10-01 Thread Steffen Schulz
On 070825 at 21:05, Jeremy Morton wrote: > So just to confirm, you're saying that there is no difference in > security between submitting a username/password via HTTP and via HTTPS > with a self-signed SSL cert? That's untrue of course, because an active attack is more difficult than a passive o

Re: Testing DSA ciphersuites..

2007-08-26 Thread Steffen Schulz
On 070825 at 02:10, Nelson B wrote: > IIRC, the problem is not DSA but rather DHE. NSS does not presently > support any DHE cipher suites on the server side, and it so happens > that all the DSA cipher suites are also DHE cipher suites. IIRC, > the missing code is not for DSA but for DHE. The is

Re: Testing DSA ciphersuites..

2007-08-24 Thread Steffen Schulz
On 070824 at 03:20, Wan-Teh Chang wrote: > > Is usage of DSA-suites disencouraged? How can I test them? > No, the use of DSA ciphersuites is not discouraged. But we haven't > implemented DSA ciphersuites on the server side. They are only > implemented on the client side. I believe this is the pr

Re: Testing DSA ciphersuites..

2007-08-24 Thread Steffen Schulz
On 070824 at 16:47, Wan-Teh Chang wrote: > On 8/24/07, Steffen Schulz <[EMAIL PROTECTED]> wrote: > Yes, most of the missing code is in the SSL library. There is a > work-in-progress patch in the bug report for this feature: > https://bugzilla.mozilla.org/show_bug.cgi?id=102794

Testing DSA ciphersuites..

2007-08-23 Thread Steffen Schulz
Hi, I want to test DSA ciphersuites, but 'server' and 'selfsrv' seem to be unable to handle them. I changed the source to enable some TLS-DSA suites but it seems the ssl library is not being supplied with a valid certificate. I created the dsa certificates with: openssl pkcs12 -export -in dsa

TLS SRP extension

2007-06-04 Thread Steffen Schulz
Hi all, I'm currently implementing draft-ietf-tls-srp-13 in NSS/SSL. I did not find suitable test programs. I mean something like "openssl" or "gnutls-cli". It seems I would have to dig through the test shell scripts and programming examples to find or program such a tool and make it find the n

Re: Applicability of SSL / use-cases

2007-02-06 Thread Steffen Schulz
On 070204 at 16:00, Ben Bucksch wrote: > In private discussion, Eddy of StartCom suggested SSL CA certs for > > * internal sites (company webmail/IMAP, VPN etc.) > * private discussion (blogs, forums, chat) > * generally everything where you supply a login/password. > > I think other soluti