Douglas Stebila wrote: > The same attack applies to NSS. A while back I submitted a bug and > patch for NSS, but it has been languishing in Bugzilla without any > attention. While the use of ECC in deployed TLS environments is quite > low, it's still probably a good idea to get the code patched. Perhaps > someone will take a look at this forlorn bug and patch?
I do not think any NSS-based products from any of the NSS maintainers enable binary ECC. That is one of the main factors why the bug isn't getting any attention. Should we just remove all the non-suite-B ECC support, since it isn't being maintained? - Brian -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
