I am modifying mod_nss to implement TLS upgrades (RFC2817) to use in a special-purpose web client-server system. In fact, I think the modifications to mod_nss are done, but I am not yet done with implementing TLS upgrades in Firefox, so I haven't tested the mod_nss modifications.
As we discussed already, TLS upgrades seem to be insecure and insuitable for general purpose web clients and servers due to multiple reasons. However, mod_nss was pretty much mod_ssl rewritten to use the NSS library instead of OpenSSL. Since the latest version of mod_ssl now implements TLS upgrades, are there any plans for mod_nss to follow and implement RFC2817, too, or is mod_nss going to go its own way? _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
