Robert Relyea wrote:
>> What I was referring to is the inability for an issuer specifying that
>> generated keys should be PIN-protected and what constraints
>> there should be on the PIN while still optionally letting the user
>> specify the actual PIN.
>In general we have been reluctant to
Hi,
I am having problem in resetting the password of slot after removing the
soft-token associated with it.
Everything works fine for the first time. When I try to create a slot
second time, the new token is installed
in the previously created empty slot with the old token name and
protected by
Ok. But I feel that the server should ignore the ciphers which it
doesn't understand instead of rejecting the connections. Because, you
can't expect the server to understand all the ciphers that the browser
has. Moreover, the SSL communication will succeed only when both the
parties agree upon
Anders Rundgren wrote:
"Eddy Nigg" wrote:
The keygen tag is used widely and Mozilla supports smart cards with the
associated PIN excellent.
I'm sure about that! However...
What I was referring to is the inability for an issuer specifying that
generated keys should be PIN-protected
Graham Leggett wrote:
Hi all,
I am trying to port some symmetrical encryption / decryption code
using OpenSSL's EVP_CipherUpdate function to NSS, and I am running
into trouble trying to find the API documentation for NSS.
So far, the closest to documentation that I have found is a list of
t
Nelson B Bolyard wrote:
Suresh Kumar J wrote, On 2008-09-02 10:55:
Hi Nelson,
You are correct that Apache Tomcat web-server(v6.0.13) choked with the
full set of cipher suites implemented in the Windows FF3.0.1. When I
disable the following cipher suites via the "about:config" option, the
web
Nelson B Bolyard wrote:
Please file a bug in bugzilla.mozilla.org about that.
Product: NSS
Component: Libraries
Version: whatever version you're using
I just added the bug here:
https://bugzilla.mozilla.org/show_bug.cgi?id=453364
The gdb trace of how I got there is included, along with the k
samrat saha wrote:
> hi Howard,
> i sent mails there also meanwhile can you tell me how to omtimize the code.
> It looks like the following currently, can we change it to make it faster.
It would be better to simply continue the thread you already started on the
OpenSSL mailing list. First you sh
Graham Leggett wrote, On 2008-09-02 12:49:
> Graham Leggett wrote:
>
>> I am trying to call PK11_CreateContextBySymKey and it is returning NULL.
>
> Using PORT_GetError, the error code returned is zero.
Please file a bug in bugzilla.mozilla.org about that.
Product: NSS
Component: Libraries
Versi
Suresh Kumar J wrote, On 2008-09-02 10:55:
> Hi Nelson,
>
> You are correct that Apache Tomcat web-server(v6.0.13) choked with the
> full set of cipher suites implemented in the Windows FF3.0.1. When I
> disable the following cipher suites via the "about:config" option, the
> web communication sta
Graham Leggett wrote:
I am trying to call PK11_CreateContextBySymKey and it is returning NULL.
Using PORT_GetError, the error code returned is zero.
Reverse engineering the PK11_CreateContextBySymKey function, I have
found that the function returns NULL in a number of locations, many
withou
Hi all,
I am trying to call PK11_CreateContextBySymKey and it is returning NULL.
I understand that if I called the PORT_GetError function, I would get
the error that occurred, but that is still of no use as it is just a number.
I found a function called SECU_Strerror that seems to be used to
Nelson B Bolyard:
>
> Are you sure that cert installation fails?
> Or does cert manager simply fail to show the installed cert?
Yes, it fails 100%. Also the popup message usually displayed after cert
installation doesn't appear.
>
> Hint: what tool (besides FF cert manager) can you use to check
Yes, I have ensured that the parameter "security.enable_ssl2" is indeed
set to "false" in "about:config".
Wan-Teh Chang wrote:
> Hi Suresh,
>
> Please type "about:config" in the location bar.
>
> In the Filter field, type "security.enable_ssl2". What is the value?
> It should be "false".
>
> I b
Nelson B Bolyard wrote:
Wan-Teh Chang wrote, On 2008-09-02 10:36:
I believe this is the relevant source code in Firefox:
http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/nsNSSComponent.cpp#1596
The above code sets the default for a new socket.
I believe this
Hi Nelson,
You are correct that Apache Tomcat web-server(v6.0.13) choked with the
full set of cipher suites implemented in the Windows FF3.0.1. When I
disable the following cipher suites via the "about:config" option, the
web communication started working and the server didn't complain
anythin
Wan-Teh Chang wrote, On 2008-09-02 10:36:
> I believe this is the relevant source code in Firefox:
>
> http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/nsNSSComponent.cpp#1596
I believe this is the relevant source code in Firefox:
http://bonsai.mozilla.org/cvsblame.cgi?fil
Hi Suresh,
Please type "about:config" in the location bar.
In the Filter field, type "security.enable_ssl2". What is the value?
It should be "false".
I believe this is the relevant source code in Firefox:
http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/nsNSSComponent.cpp
Eddy Nigg wrote, On 2008-09-01 18:36:
> Nelson, it seems to me that you edited
> http://developer.mozilla.org/en/NSS_Certificate_Download_Specification
> about ten days ago.
Yes. I fixed some links. None of the page text was changed.
> Were there some specific changes you made to NSS
> whic
Just to make it sure what *I* mean with smart card support:
It does not mean supporting something that is packaged
in a card-like container or in a USB stick, but a cryptographic
mechanism that protects keys from direct external access
through software or through other means (within reason).
For
Eddy Nigg wrote:
> The keygen tag is used widely and Mozilla supports smart cards with the
> associated PIN excellent.
I agree. And I'd prefer it over the scripted approach of MS IE.
Some issues could be solved by adding attributes for further parameters.
Ciao, Michael.
_
Anders Rundgren:
> What I was referring to is the inability for an issuer specifying that
> generated keys should be PIN-protected and what constraints
> there should be on the PIN while still optionally letting the user
> specify the actual PIN.
There are Mozilla specific functions for handling o
hi Howard,
i sent mails there also meanwhile can you tell me how to omtimize the code.
It looks like the following currently, can we change it to make it faster.
BN_ULONG bn_mul_add_words(rp,ap,num,w)
BN_ULONG *rp,*ap;
int num;
BN_ULONG w;
{
BN_ULONG c1=0;
for (;;)
"Eddy Nigg" wrote:
>The keygen tag is used widely and Mozilla supports smart cards with the
>associated PIN excellent.
I'm sure about that! However...
What I was referring to is the inability for an issuer specifying that
generated keys should be PIN-protected and what constraints
there shoul
Nelson B Bolyard wrote:
> Julien R Pierre - Sun Microsystems wrote, On 2008-08-29 14:47:
>> Samrat,
>>
>> Where are you pulling those symbols from ?
>> They are not part of NSS .
>
> Julien and Samrat:
>
> The bn_ symbols shown below are from OpenSSL's bignum library
> (bn = bignum). This newsgrou
Anders Rundgren:
> Hi Guys,
> By accident I found this link while Googling for Safari and keygen:
> http://www.mail-archive.com/[EMAIL PROTECTED]/msg10389.html
>
> Although KeyGen [sort of] works it is dated function which is misaligned
> with the world as it looks today.
>
> Among glaring omission
Hi Guys,
By accident I found this link while Googling for Safari and keygen:
http://www.mail-archive.com/[EMAIL PROTECTED]/msg10389.html
Although KeyGen [sort of] works it is dated function which is misaligned with
the world as it looks today.
Among glaring omissions I would include:
- No suppor
27 matches
Mail list logo