Re: client certificates unusable?

2009-03-19 Thread Joe Orton
On Wed, Mar 18, 2009 at 07:42:12AM -0700, Kyle Hamilton wrote:
> I think a reasonable default would be about 10 or 15 minutes, with a
> refresh of the session (moving it back to 0 minutes) every successful
> request?

With the default mod_ssl cache, I think that the session should already get stor

Re: client certificates unusable?

2009-03-18 Thread Joe Orton
On Tue, Mar 17, 2009 at 10:26:35AM -0700, Robert Relyea wrote:
> Cert selection for Firefox does need to be improved. On the other hand,
> I found the larger memory footprint argument someone confusing. At the
> cost of about 20 bytes per client you would rather chew up CPU and
> network reso

Re: client certificates unusable?

2009-03-17 Thread Joe Orton
On Tue, Mar 17, 2009 at 02:39:56PM +0200, Eddy Nigg wrote:
> On 03/17/2009 01:55 PM, Ian G:
>> [4] There is some discussion about session caching, and it may be true
>> that there are server problems to be sorted out. But as far as I can
>> see, most of the sites that I deal with have this iss

Re: About the Cybertrust Educational CA certificate

2008-10-09 Thread Joe Orton
On Wed, Sep 17, 2008 at 05:06:55PM -0700, Wan-Teh Chang wrote:
> On Wed, Sep 17, 2008 at 4:52 PM, Eddy Nigg <[EMAIL PROTECTED]> wrote:
> >
> > I've been banging my head against a wall here because of this FUD and
> > about misinformation which is absolutely incorrect. Sad, because there
> > are man

Re: Comparison of OpenSSL and NSS

2008-07-28 Thread Joe Orton
On Sat, Jul 26, 2008 at 05:17:56PM -0700, Nelson Bolyard wrote:
> Daniel Stenberg wrote, On 2008-07-26 13:45:
>
> > As a user of OpenSSL, NSS, yassl and GnuTLS I can certainly agree that
> > GnuTLS has flaws in its API but NSS most certainly also has flaws as well
> > _and_ notable missing feature

PKCS#11 changes in NSS 3.12 softokn?

2008-07-09 Thread Joe Orton
For a test suite I'm importing a PKCS#12 cert into a fresh database as follows:

  rm -rf nssdb
  echo foobar > nssdb.pw
  ${CERTUTIL} -d nssdb -N -f nssdb.pw
  ${PK12UTIL} -d nssdb -K foobar -W '' -i unclient.p12

and then using that database with the softokn PKCS#11 module. With NSS 3.11, doin

PKCS#11 software token & concurrent database access

2008-02-07 Thread Joe Orton
Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open a read-only session to a database which is opened read-write by another process (e.g. Firefox)? (By "safe", I mean simply that the provider will not crash and burn if Firefox modifies something underneath it)

joe

Re: SSL/TLS upgrades - RFC2817

2006-04-07 Thread Joe Orton
2817-style upgrades were added to mod_ssl I think purely as a well-intentioned (but perhaps naive) attempt to solve the SSL vs name-based virtual hosting problem, which is something we see Apache users ask for, and get confused by, almost daily. I agree it is basically useless: you didn't ment