Re: Is JSS 4.3.2 released? I'm looking for the Mozilla signed jar.

2010-05-04 Thread Bob Foss
Nelson B Bolyard wrote: On 2010-04-30 06:38 PST, Bob Foss wrote: There are no artifacts on the ftp site for JSS 4.3.2: ftp://ftp.mozilla.org/pub/mozilla.org/security/jss/releases/ Check again. You may find it has been updated. Thank you. -- dev-tech-crypto mailing list dev-tech-crypto

Re: Is JSS 4.3.2 released? I'm looking for the Mozilla signed jar.

2010-05-03 Thread Bob Foss
Bob Foss wrote: Since, the restriction is primarily on the actual crypto algorithms, I'm going to see if I can rebuild with the 3 SSL classes in a separate jar ahead in the classpath. I just wanted to post a follow-up, that I was able to build a second jss-ssl.jar which just cont

Re: Is JSS 4.3.2 released? I'm looking for the Mozilla signed jar.

2010-04-30 Thread Bob Foss
Marsh Ray wrote: On 4/30/2010 12:51 PM, Bob Foss wrote: Everything, I've read indicates that a JCE Provider's signing cert must be signed by a cert from Sun (or maybe IBM). http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvider.html#Step6 http://ja

Re: Is JSS 4.3.2 released? I'm looking for the Mozilla signed jar.

2010-04-30 Thread Bob Foss
Nelson B Bolyard wrote: On 2010-04-30 10:25 PST, Marsh Ray wrote: On 4/30/2010 12:17 PM, Nelson B Bolyard wrote: Unfortunately, Sun's JRE requires signed jars for JCE providers, so the Mozilla signed jar file is pretty useful. Signed bits may be available directly from Sun. It's also conceiva

Is JSS 4.3.2 released? I'm looking for the Mozilla signed jar.

2010-04-30 Thread Bob Foss
I apologize for asking twice; I suspect my earlier message was buried since I originally replied to an old thread. Robert Relyea wrote: > The NSS team has just RTM'ed NSS 3.12.6. > The primary feature of NSS 3.12.6 is support for the TLS Renegotiation Indication Extension, RFC 5746. > > Releas

Re: NSS 3.12.6 is RTM.

2010-04-28 Thread Bob Foss
Robert Relyea wrote: The NSS team has just RTM'ed NSS 3.12.6. The primary feature of NSS 3.12.6 is support for the TLS Renegotiation Indication Extension, RFC 5746. Release notes are forthcoming with other additions and bug fixes. In addition, a new version of JSS has been released, JSS 4.3.2

Re: about DHE key size

2010-01-20 Thread Bob Foss
Nelson B Bolyard wrote: Rui Hodai wrote, On 2009-01-20 16:37: I found the 1024 bits keys are used as DHE key irrespective of SSL certificates when I captured communication packets from between Firefox3 and Apache+OpenSSL. Right. DHE is not tied to the sizes of keys in certs. -Which decide t

SSH 2.0 Keys and NSS in FIPS mode

2009-11-02 Thread Bob Foss
I have an application that includes an implementation of SSH in Java. It currently uses the Sun JCE and I'm trying to make use of the SunPKCS11 provider which wraps calls to NSS (3.12.4) to take advantage of NSS's FIPS compliance. (We won't be shipping this until after 3.12.4 has completed the pr