Re: Conflicts in type defines

2008-05-30 Thread Wan-Teh Chang
On Fri, May 30, 2008 at 9:33 AM, Ruchi Lohani <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I did compile npapi.h with NO_NSPR_10_SUPPORT defined. That removed the
> errors on types (int32 etc) but gave new errors related to PRArenaPool etc
> which is quite obvious with the current
> library. I guess I

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Eddy Nigg (StartCom Ltd.)
Eddy Nigg (StartCom Ltd.): If you know something we don't, it would be really useful to the whole Internet community to hear more. I will look for it somewhat more...it can't have disappeared like that... The only thing I found so far (and which isn't the one I was referring to) is http

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Eddy Nigg (StartCom Ltd.)
Paul Hoffman: I write this all from memory because I can't find that article again. OK, but an actual reference would be helpful. Yes, and it's obviously pretty bad from me not being able to back it up. I tried to locate it and even went through mails I sent in 2006 where I could

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Paul Hoffman
At 9:49 PM +0300 5/30/08, Eddy Nigg (StartCom Ltd.) wrote:
>Paul Hoffman:
>
>>Again, I strongly strongly doubt that Mallory will try to break a
>>1024-bit key for this attack, at least for 20 years or more.
>
>I'm not sure from where you got this information
RFC 3766, which is consider

Re: Problems importing private keys that already exist

2008-05-30 Thread Nelson Bolyard
Dave Townsend wrote, On 2008-05-30 03:59:
> Thanks for filing the bug Nelson.
>
> I don't suppose anyone has any idea of how I might be able to work
> around this issue for the time being?
Earlier, you wrote:
>> I also tried this with a shared db as Robert suggested and it appears to
>> work c

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Eddy Nigg (StartCom Ltd.)
Paul Hoffman: Again, I strongly strongly doubt that Mallory will try to break a 1024-bit key for this attack, at least for 20 years or more. I'm not sure from where you got this information, because apparently a group of people succeeded in cracking the key with 650 and something bytes a

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Paul Hoffman
At 10:15 AM -0700 5/30/08, Nelson B Bolyard wrote:
>Paul Hoffman wrote, On 2008-05-30 07:17:
>
>> Adding strong locks to the front doors while the back doors still have
>> weak locks is useless from a security standpoint.
>
>You seem to be arguing that no-one should bother to put locks on their
>

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Nelson B Bolyard
Paul Hoffman wrote, On 2008-05-30 07:17:
> Adding strong locks to the front doors while the back doors still have
> weak locks is useless from a security standpoint.
You seem to be arguing that no-one should bother to put locks on their doors while there remain some people who have no locks on

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Paul Hoffman
At 11:02 AM -0400 5/30/08, Frank Hecker wrote:
>I'd be glad to soften the language
>about "cause for concern", but I still want to flag 1024-bit roots as
>worthy of a further explanation. (E.g., is this a root created some time
>ago that is only now being proposed for inclusion? Was/is the root
>in

Re: Conflicts in type defines

2008-05-30 Thread Ruchi Lohani
Wan-Teh Chang wrote:
> Hi,
>
> I am not familiar with npapi.h. I just took a quick look at it. As far
> as I can tell, you didn't do anything wrong.
>
> We need to make the NSS headers usable with NO_NSPR_10_SUPPORT
> defined. I filed a bug for this issue:
> https://bugzilla.mozilla.org/show_bug

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Frank Hecker
Paul Hoffman wrote:
> What does "is cause for concern" mean when the majority of the
> certificates in our list are 1024 bits? (I think that is still true)
As noted by others, the checklist is for new roots, not legacy roots. If we're going to have a gradual transition to 2048-bit modulus

Re: Modulus length (was Re: Draft CA information checklist)

2008-05-30 Thread Paul Hoffman
At 9:45 PM -0700 5/29/08, Justin Dolske wrote:
>Paul Hoffman wrote:
>
>> Unless Mozilla says "we are going to yank that particular Verisign
>> certificate, and all the ones with similar key lengths, decades before
>> they expire", there is absolutely no reason for us to, 20 years in
>> advance,

Re: Problems importing private keys that already exist

2008-05-30 Thread Dave Townsend
Thanks for filing the bug Nelson. I don't suppose anyone has any idea of how I might be able to work around this issue for the time being? My app is based on XULRunner which will be released with NSS_3_12_RC3 so for the time being I have to work with that. I can see from the implementation tha