Whether or not ECC works is a function of the version of NSS you have. If built by Mozilla, ECC works for signature verification and client auth out of the box. The NSS built by red hat will not do any ECC unless you supply your own ECC PKCS #11 module. In the latter case, then all the ECC functions work. Instructions for building NSS like redhat can be found here: http://pki.fedoraproject.org/wiki/ECC_Capable_NSS
bob ----- Original Message ----- > Is ECDSA S/MIME signature generation available in Thunderbird? [using > one of the Suite B curves] > > I've tried using a PKCS#11 module that I am developing and ran into > trouble with Thunderbird erroring out w/ "Unable to sign message. > Please check that the certificates .... are valid and trusted." > (which they are according to the certificate dialog which lists them > as valid for Email Signing...) > > I have successfully performed ECDSA-based client-authentication in > the latest Firefox release, but the code flow is quite different. > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
