Wan-Teh Chang wrote, On 2008-10-29 07:23: > On Wed, Oct 29, 2008 at 7:11 AM, Gordon.Young <[EMAIL PROTECTED]> wrote: >> Would I see the intro of TLSv1 in the release notes for v3.2? > > No, because TLS 1.0 was added to NSS before NSS 3.2. > It is a lot of work to track down the first version of NSS in > which TLS 1.0 was introduced, so I gave you a quick answer > that should be equally good: all versions of NSS that are > open source and in use today can support TLS 1.0.
Full support for TLS 1.0 was first added to NSS 2.8. That work was finished in January 2000. Support for 3-key Triple-DES in CBC mode goes back to SSL2 and was introduced to NSS in January 1995. It was present in NSS's implementations of SSL 3.0 and TLS 1.0 from their respective first releases. > Note that an NSS-based application still needs to turn on > TLS 1.0, otherwise TLS 1.0 is still not enabled in that > application. So you also need to consult the product's > documentation to see if it turns on TLS 1.0. IINM, TLS has been enabled by default since NSS 3.0. It was not enabled by default in NSS 2.8. That change of default setting for TLS was one of the changes we made in the 3.0 major release. See <http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/ssl/sslsock.c&rev=1.55&mark=173#164> There have also been a number of protocol version negotiation issues with various non-NSS products. I will write about one of them separately. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
