Wan-Teh Chang a écrit :
On Tue, Mar 10, 2009 at 4:42 PM, Kyle Hamilton<aerow...@gmail.com> wrote:
Hey, I'm just trying to figure out what the current algorithms that
Firefox supports are? Specifically, I'm trying to figure out what
hash algorithms, but the symmetric and asymmetric algorithms would be
useful as well.
Is there a document on this, that is regularly updated?
We have an "Encryption Technologies in NSS x.y" for each NSS release.
The latest version is NSS 3.11, which is correct for all NSS 3.11.x releases:
http://www.mozilla.org/projects/security/pki/nss/nss-3.11/nss-3.11-algorithms.html
Versions of this document needs to be created for
- NSS 3.12: adds Camellia
- upcoming NSS 3.12.3: adds SEED
Are you thinking about adding support for the SHA256 based cipher-suites
from RFC5246 ? I really think SHA-2 support in TLS should be high
priority, the more given that it's little work to implement.
These two in particular should be little work/greatly useful :
CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x3C };
CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x3D };
But probably you could add easily also the DH/DHE versions ?
CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = { 0x00,0x3E };
CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x3F };
CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = { 0x00,0x40 };
CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x67 };
CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = { 0x00,0x68 };
CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x69 };
CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = { 0x00,0x6A };
CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x6B };
PS : You seem to be missing reference to the updated version of TLS
standard/algorithms in the links down the page, even those you do implement.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
