Re: NIST ECC curves in NSS

2009-11-19 Thread Nelson B Bolyard
On 2009-11-19 13:07 PST, Kai Chan wrote: > Ah, noobtastic... A new word for my vocabulary! :) > Thank you for reminding me to check shared library dependencies.

Re: NIST ECC curves in NSS

2009-11-19 Thread Kai Chan
Ah, noobtastic... Thank you for reminding me to check shared library dependencies. On Thu, Nov 19, 2009 at 3:30 PM, Wan-Teh Chang wrote: > 2009/11/19 Kai Chan : > > Hi, > > > > I'm using NSS 3.12.4 with NSPR 4.8 release. I want to generate keys and > > certs with the basic supported ECC curves

Re: NSS: Certificate management without certdb

2009-11-19 Thread Kai Chan
Thanks for the response. I'm looking at the DogTag instructions ( http://pki.fedoraproject.org/wiki/ECC_Capable_NSS) for using an ECC-enabled NSS that strips out the softoken and freebl implementations and imports a third-party crypto module ( http://pki.fedoraproject.org/wiki?title=ECC_Enabling_D

Re: NSS: Certificate management without certdb

2009-11-19 Thread Wan-Teh Chang
2009/11/19 Kai Chan : > Hi, > > Is there a way to do certificate operations in NSS without using the > cert8.db? Yes, you can initialize NSS with NSS_NoDB_Init(NULL). Then NSS won't create or use any databases. You can then import certificates as "temporary certificates" (as opposed to "permanent

Re: NIST ECC curves in NSS

2009-11-19 Thread Wan-Teh Chang
2009/11/19 Kai Chan : > Hi, > > I'm using NSS 3.12.4 with NSPR 4.8 release.  I want to generate keys and > certs with the basic supported ECC curves (nistp256, nistp384, nistp521) > included when NSS is compiled with the "NSS_ENABLE_ECC" flag.  However, when > I try using certutil to generate certi

Re: NIST ECC curves in NSS

2009-11-19 Thread Kai Chan
I retrieved the file from the Mozilla FTP site: ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_4_RTM/src/ I guess I'll try the source from the CVS repository. Thanks, Kai On Thu, Nov 19, 2009 at 2:49 PM, Nelson B Bolyard wrote: > On 2009-11-19 10:17 PST, Kai Chan wrote: >

NSS: Certificate management without certdb

2009-11-19 Thread Kai Chan
Hi, Is there a way to do certificate operations in NSS without using the cert8.db? I was looking at a post at mail-archive.com ( http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg00245.html) that suggested all this would now be internal to the PKCS #11 module, removing dependence o

Re: NIST ECC curves in NSS

2009-11-19 Thread Nelson B Bolyard
On 2009-11-19 10:17 PST, Kai Chan wrote: > I'm using NSS 3.12.4 with NSPR 4.8 release. I want to generate keys and > certs with the basic supported ECC curves (nistp256, nistp384, nistp521) > included when NSS is compiled with the "NSS_ENABLE_ECC" flag. However, > when I try using certutil to ge

NIST ECC curves in NSS

2009-11-19 Thread Kai Chan
Hi, I'm using NSS 3.12.4 with NSPR 4.8 release. I want to generate keys and certs with the basic supported ECC curves (nistp256, nistp384, nistp521) included when NSS is compiled with the "NSS_ENABLE_ECC" flag. However, when I try using certutil to generate certificates using the basic NIST curv

cert extension: authority key identifier (AKI)

2009-11-19 Thread Daniel Joscak
I would like to ask for an explanation of mozilla trust cert. store requirement for adding CA. Why correct authority key identifier (AKI) can not include both the key ID and the issuer's issuer name and serial number. We have an authority that adds to its certificates such AKI and till now I though

Re: slow DB access with lots (6000+) of certs/keys

2009-11-19 Thread David Stutzman
Nelson B Bolyard wrote: If you're using cert7/key3 DB files, that's a known bug, and probably cannot be fixed. Or rather, the fix is believed to be to go to cert8/key4 on a local file system (not over a network). That should be MUCH faster. See bug 433105 starting at comment 8. That's surpri