Nelson B Bolyard wrote:
Actually someone did:)... we're working on fixing the bugs and getting it into NSS. I now have someone working to finish this up...Joe Orton wrote, On 2008-07-28 16:09:On Sat, Jul 26, 2008 at 05:17:56PM -0700, Nelson Bolyard wrote:Daniel Stenberg wrote, On 2008-07-26 13:45:As a user of OpenSSL, NSS, yassl and GnuTLS I can certainly agree that GnuTLS has flaws in its API but NSS most certainly also has flaws as well _and_ notable missing features that GnuTLS offers.Daniel, please tell us what features are missing that you would actually use if they were present!My basic questions about NSS usage relative to GnuTLS/OpenSSL are here: https://bugzilla.redhat.com/show_bug.cgi?id=347691NSS is not going to stop using PKCS#11 modules as its sole means of access to stored keys and certs. That just won't happen. Kiss all that FIPS 140 validation goodbye if that happens. Someone could write a PKCS#11 module that uses PEM files as its storage. It wouldn't be FIPS validated, at least not initially. But Please feel free. :)
https://bugzilla.mozilla.org/show_bug.cgi?id=402712(an early version is available in Fedora as part of the nss_compat_ossl library).
bob
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
