Mike Hommey wrote: > But linux users are not necessarily up-to-date with the latest NSS. I > seriously doubt the number of users with the very last system nss > exceeds 10% of the linux user base except in exceptional "good > timing" cases (like when ubuntu is released with the latest version), > but that doesn't last long).
If the system NSS isn't new enough, then Firefox's local version of NSS would be used. And, if that is complicated to implement at all, then we can just avoid trying to optimize how we load NSS on Linux at all. To be honest, you would likely be the one to implement any of these optimizations on Linux, if they are ever to happen at all. I am not intending to optimize NSS or rearrange it for code size on Linux *at all* because of these issues. For example, the idea of linking NSS into libxul *on Linux* was taken off the table a long time ago, because of these issues and others. Gecko (or Firefox and Thunderbird individually) would have its own special build configuration of NSS on Android, Windows, Mac, and B2G *only*, according to the current plan. The same build configuration we have now, which is the same build configuration that system NSS builds are done with (more or less), would be the build configuration used on Linux for the indefinite future. AFAICT, any distro that ships its own builds of Firefox seems to configure Firefox to use system NSS and system NSPR, and that effectively means that those distros have to be on their toes with the latest NSS and NSPR releases available as installable packages whenever they release a new version of Firefox, since every version of Firefox going forward will require the very latest NSS and/or NSPR for the foreseeable future. If this doesn't work for them then they will have to stop configuring their Firefox packages to depend on system NSS and/or system NSPR packages. - Brian -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
