oading
mixed (EV + DV) content. That code can then use various methods to
transmit the information the user has entered on the page (for example
creating an img element whose src URL contains the data to transmit to
the DV site under attacker's control).
--
Heikki Toivonen - http://heikkitoivonen.
pretty confusing
even to me.
--
Heikki Toivonen - http://heikkitoivonen.net
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Robert Relyea wrote:
> Funny you should bring that up now. John has been making good progress
> on getting something that works as we speak.
I stand corrected, and that is great news!
--
Heikki Toivonen
___
dev-tech-crypto mailing list
de
rappers for OpenSSL etc. if you'd rather go with
ready solutions.
--
Heikki Toivonen
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
I guess I should stop posting so late, replying to my own post and all...
> Firefox is listed on rung 1 with active participants.
Which made me wonder: is NSS already included as part of Firefox in the
scan results?
Btw, NSPR is also listed at rung 0.
--
Heikki Toivo
://scan.coverity.com/ladder.html#rung0) means no NSS
developers have signed up to access Coverity's reports and fix the issues.
Could we get someone to sign up and see what Coverity has found?
--
Heikki Toivonen
___
dev-tech-crypto mailing list
dev-tech-c
ription of the checks that can
lead to each of the different dialogs. That way all the checks would be
lumped to something like half a dozen (?) boxes in the flowchart.
--
Heikki Toivonen
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
he same library
from several different languages.
--
Heikki Toivonen
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
WIG out of the picture might make it fast enough.
--
Heikki Toivonen
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
obably show
both wontfix and currently-in-progress-or-limbo requests.
--
Heikki Toivonen
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
get it running. Once that works, build a usable library (still
very limited API coverage). At that point it would make sense to ask the
question of perhaps going to the straight C/C++ approach and dump swig
(it brings considerable overhead; in some tests I've seen swigged code
being 2.
Java wrapper, possibly making JSS support
> easier.
AFAIK no, but I would also be interested in such a thing. I have even
considered starting such a thing myself, but haven't had the time.
Initial thoughts:
http://wiki.osafoundation.org/bin/view/Journal/PyNSSThoughts20060307
-
Bob Lord wrote:
> Heikki Toivonen wrote:
> Which ones have you run across? We should probably collect all the
> relevant URLs.
This Google query:
(site:mozilla.org OR site:mozilla.com) Libya
gives 78 pages. Some of those are just cvs versions of the same file,
some bogus hits, some wi
en they go download NSS or
Mozilla because the notices are either on some developer page or a file
in ftp root directory or something?
--
Heikki Toivonen
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinf
14 matches
Mail list logo
