Unable to get NSS in FIPS mode on macOS

I've installed NSS 3.36 with NSPR 4.19 using Homebrew on macOS 10.14, 10.13 and 10.12. They all fail to create a nssdb in FIPS mode: https://pastebin.com/bp38AvME. If I create the nssdb in FIPS mode on Linux then when I try to use it fails: https://pastebin.com/nsPmjizg. If I create the nssd

Re: HSTS handling incorrect

I read something else in the RFC (section-11.4*)* that seemed like a contraction to your references, but after re-reading it I believe the Firefox for Linux Mint implementation is correct per the RFC though problematic for my configuration. I still have a question as to why Firefox for Windows

HSTS handling incorrect

It seems like the handling of HSTS is incorrect in Firefox on Linux Mint per RFC6797 11.4.1, https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security and when compared to Google Chrome. I don't have the includeSubDomains flag set in the Strict-Transport-Security HTT

Re: NSS set extractable = no

Thank you, I will clarify my requirement. I was somewhat suspect of the requirement anyway. On 05/19/2015 11:14 AM, Robert Relyea wrote: On 05/18/2015 03:04 PM, Arthur Ramsey wrote: I have a requirement to disable key export on a key stored in a NSS DB in FIPS mode. I read through the

NSS set extractable = no

140-2 compliance. I imported the key via p12 format, but I could complete the entire process via NSS if needed. Thanks, Arthur -- Arthur Ramsey Systems Administrator Mediture arthur_ram...@mediture.com 952.400.0323 This e-mail and any attachments may contain CONFIDENTIAL information, including