Re: NSS 3.14 release

2012-10-26 Thread Wolfgang Rosenauer
Hi, I'm trying to provide that version as an RPM package and also run the testsuite within the build process. With that version the testsuite fails: [ 1202s] chains.sh: #2294: Test that OCSP server is reachable - FAILED [ 1202s] chains.sh: #4023: Test that OCSP server is reachable - FAILED [

Re: NSS 3.14 release

2012-10-26 Thread Brian Smith
julien.pie...@oracle.com wrote: Oracle still ships NSS with many products even though we are no longer actively involved with its development. It is important to have somebody at least monitoring the bugs filed/fixed in the NSS component in bugzilla. See

Re: NSS 3.14 release

2012-10-26 Thread Brian Smith
Julien Pierre wrote: I know what code changes are necessary. I'm only a developer on a couple of NSS applications at this point, not an NSS maintainer. If this was only about those couple of apps, it wouldn't be an issue. But there are other apps in Oracle that could be affected. I can safely

Re: NSS 3.14 release

2012-10-26 Thread Chris Newman
--On October 26, 2012 11:52:47 -0700 Brian Smith bsm...@mozilla.com wrote: julien.pie...@oracle.com wrote: Oracle still ships NSS with many products even though we are no longer actively involved with its development. It is important to have somebody at least monitoring the bugs filed/fixed

Re: NSS 3.14 release

2012-10-25 Thread Kai Engert
On Thu, 2012-10-25 at 15:36 +0200, Wolfgang Rosenauer wrote: With that version the testsuite fails: [ 1202s] chains.sh: #2294: Test that OCSP server is reachable - FAILED [ 1202s] chains.sh: #4023: Test that OCSP server is reachable - FAILED [ 1202s] chains.sh: #6393: Test that OCSP server

Re: NSS 3.14 release

2012-10-25 Thread Wan-Teh Chang
On Wed, Oct 24, 2012 at 10:19 PM, Julien Pierre julien.pie...@oracle.com wrote: The following changes may be problematic : 1) * New default cipher suites ( https://bugzilla.mozilla.org/show_bug.cgi?id=792681 ) The default cipher suites in NSS 3.14 have been changed to better reflect the

Re: NSS 3.14 release

2012-10-25 Thread Chris Newman
--On October 24, 2012 22:19:40 -0700 Julien Pierre julien.pie...@oracle.com wrote: 2) - The NSS license has changed to MPL 2.0. Previous releases were released under a MPL 1.1/GPL 2.0/LGPL 2.1 tri-license. For more information about MPL 2.0, please see http://www.mozilla.org/MPL/2.0/FAQ.html.

Re: NSS 3.14 release

2012-10-25 Thread Julien Pierre
Wan-Teh, Thanks for your response, comments inline. On 10/25/2012 11:17, Wan-Teh Chang wrote: Any client apps that care about the exact cipher suites enabled need to enable and disable each cipher suite explicitly. This Chromium code in this file can be used as code example:

Re: NSS 3.14 release

2012-10-24 Thread Julien Pierre
Oracle still ships NSS with many products even though we are no longer actively involved with its development. We do pick up new releases from time to time. We picked up 3.13.x last year and I'm looking into picking up 3.14 . The following changes may be problematic : 1) * New default cipher