On Nov 22, 2007 4:26 AM, Jean-Marc Desperrier <[EMAIL PROTECTED]> wrote: > > So and as WTC said also, OCSP stapling is out for 3.12 > > But what does suprise me is that server side SNI is also out. > > I would have expected that NSS team would have been quite willing to > provide an alternative to the current choice of either > "apache/mod_gnutls" or "apache/openssl 0.9.8f + manual application of > the mod_ssl SNI patch in > http://issues.apache.org/bugzilla/show_bug.cgi?id=34607 "
It is a deliberate decision to tackle libpkix and shareable database with full force in NSS 3.12. They're at the foundation of NSS and we've put them off for too long. If we keep working on small, interesting features, we'll never have time to finish big, important pieces such as libpkix and shareable database. It is the recognition of this "time management" fact that led to the decision of leaving several SSL enhancements out in NSS 3.12. We always appreciate contribution of patches from outside the NSS team. For example, we received a contribution of the Camellia cipher suites for TLS: https://bugzilla.mozilla.org/show_bug.cgi?id=361025 which has been integrated into NSS 3.12, and more recently a contribution of the TLS session ticket extension: https://bugzilla.mozilla.org/show_bug.cgi?id=403563 I look forward to receiving more contributions. Wan-Teh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
