Steffen Schulz wrote, On 2007-12-07 07:43: > I was hoping for some feedback on bug 405155, which adds support for TLS-SRP. > Are the core devs that busy right now?
The NSS team has lost 3 staff members this year, and those of us who remain are very busy, yes. We're (hopefully) nearing the end of a pretty major product release, for NSS version 3.12, and there's lots to do. New requests for enhancement (RFEs) that request that the NSS team do the work are not getting much attention now. In your case, you have attached a patch, and (I gather) you're seeking review of the patch (a necessary precursor to commitment). Bugzilla has a way to mark a patch with a review request. Doing so causes that patch to appear on some reviewers queue of patches to be reviewed. Most patch reviewers only review patches that show up in their review request queues. But your patch has not been marked with a review request. I'll add some suggestions in that bug on how to proceed. > (I also thought subscribing to this list would enable me to follow the > current development around nss/psm. Do you just use bugzilla?) This list gets used for lots of purposes, including: - communication between the NSS developers and the developers of other products that use NSS (including the Mozilla client products). You could call this "developer support" (as opposed to end user support). - discussions of Mozilla trusted root CA certificates and the policy that controls them. - occasional end user or server admin questions of the form "why doesn't Firefox like my certificate?" - other topics of interest to the community of developers who use or develop NSS. But it's not used much for direct day-to-day communications among the NSS developers themselves. They tend to use direct email or bugzilla or occasional phone calls. Discussions about specific bugs generally take place in the bugs themselves, unless they need to involve a larger community. You're certainly welcome to start discussions of SRP in TLS here. Do you have a companion bug/RFE for adding the necessary UI support to PSM (Personal Security Manager), the Mozilla software component that does UI for crypto-related issues? Having SRP in NSS won't do much good unless the necessary UI is also present. Getting new UI approved is MUCH more difficult than getting new crypto approved, IMO, and I'm afraid that it's too late in the FF3 development schedule to start that, if it isn't already started. There might be plenty of time for SeaMonkey though. Mozilla UI discussions generally do NOT take place in this list. Unfortunately, there isn't one single other list in which they mostly do take place, but rather there are many other lists. I'd suggest starting in dev-security (a.k.a the mozilla.dev.security newsgroup). Regards, /Nelson _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
