Re: Curves

2016-09-30 Thread Richard Barnes
What policy do you mean? I think we could patch up the relevant parts of moz::pkix in pretty short order, but note that NSS doesn't support EdDSA quite yet (AFAIK). On Fri, Sep 30, 2016 at 6:17 PM, Jeremy Rowley wrote: > I'd like to start using EdDSA curves for customers (and push for HSM > sup

Re: How to integrate an asymmetric cryptographic algorithm in nss

2016-02-22 Thread Richard Barnes
Hi there, The steps you will need to go through are roughly the following: * Implement the algorithm itself in freebl * Write some plumbing to expose the algorithm through the PKCS#11 interface You can see how this was done for RSA-PSS in these bugs: https://bugzilla.mozilla.org/show_bug.cgi?id

Re: New wiki page on certificate revocation plans

2015-11-21 Thread Richard Barnes
Sorry, wrong thread. Expect to see a security blog post about revocation soon, summarizing some recent work :) On Sat, Nov 21, 2015 at 11:59 AM, Richard Barnes wrote: > I took a hack at the blog post. I kept your outline, but ended up > text-editing a bunch of it. I think it's

Re: New wiki page on certificate revocation plans

2015-11-21 Thread Richard Barnes
I took a hack at the blog post. I kept your outline, but ended up text-editing a bunch of it. I think it's pretty good now. On Thu, Jul 31, 2014 at 10:07 PM, Richard Barnes wrote: > Hi all, > > We in the Mozilla PKI team have been discussing ways to improve revocation > ch

Re: ssl_error_weak_server_cert_key

2015-09-21 Thread Richard Barnes
Sounds like your server is using a weak key :) Firefox currently requires both RSA and DH keys to be at least 1023 bits long. https://dxr.mozilla.org/mozilla-central/source/security/nss/lib/ssl/sslimpl.h#158 The way to permanently fix this problem is to reconfigure the server, either with longer

Re: PKI Hierarchy Question

2015-07-22 Thread Richard Barnes
It seems like part of your question is whether it's necessary for the terminal cert in a chain to have subject==issuer. That is absolutely *not* the case, at least in NSS. Any certificate can be marked as trusted, in which case validation will terminate with that cert successfully (or actively di

Re: Minimum OCSP responder's key length

2015-05-25 Thread Richard Barnes
We do not have a concrete plan to turn off support for 1024-bit keys, but we are actively working on phasing out support for keys shorter than 2048 bits. I would *strongly* recommend using a 2048-bit key for any new certs, and upgrading any existing certs with shorter keys. Sent from my iPhone.

Re: Error code: sec_error_ca_cert_invalid

2015-04-27 Thread Richard Barnes
Hey Rebecca, Can you send along the certificate chain that the site is presenting? Thanks, --Richard On Thu, Apr 23, 2015 at 4:11 PM, wrote: > Accessing https site that is used by the entire state of Indiana. My > office is apparently the only office that cannot access the site. Well, > that i

Re: Announcing Mozilla::PKIX, a New Certificate Verification Library

2014-11-06 Thread Richard Barnes
> On Nov 5, 2014, at 3:43 PM, crodenb...@gmail.com wrote: > > On Thursday, October 16, 2014 3:04:59 PM UTC-5, treb...@gmail.com wrote: >> On Monday, April 7, 2014 6:33:50 PM UTC-4, Kathleen Wilson wrote: >>> All, >>> >>> >>> >>> We have been working on a new certificate verification library fo

Proposal: Disable SSLv3 in Firefox ESR 31

2014-10-16 Thread Richard Barnes
Hey all, By now, you've probably heard about the POODLE attacks on SSLv3, and our decision to disable SSLv3 by default in Firefox 34 [1]. Several people have proposed that we also make this change in Firefox ESR 31. So I wanted to propose that we also disable SSLv3 by default in ESR 31 at ab

Re: Announcing Mozilla::PKIX, a New Certificate Verification Library

2014-08-12 Thread Richard Barnes
On Aug 11, 2014, at 3:58 PM, br...@consultbruce.com wrote: > On Monday, April 7, 2014 6:33:50 PM UTC-4, Kathleen Wilson wrote: >> All, >> >> >> >> We have been working on a new certificate verification library for >> >> Gecko, and would greatly appreciate it if you will test this new library

Re: Announcing Mozilla::PKIX, a New Certificate Verification Library

2014-08-07 Thread Richard Barnes
On Aug 5, 2014, at 1:25 PM, Brian Smith wrote: > On Tue, Aug 5, 2014 at 9:51 AM, wrote: >> Since updating to 31, I have not been able to log into a self signed web >> page: >> >> Secure Connection Failed >> >> An error occurred during a connection to taiserver:444. Certificate key >> usage

Re: New wiki page on certificate revocation plans

2014-08-07 Thread Richard Barnes
, we can tolerate a high failure rate, maybe as high as 0.5% (2^-9). At that rate, a 250KB limit would fit around 220,000 CRL entries. So we would need to do some experimentation to see how that capacity compares to the size of CRLs in the wild. --Richard > > On 01/08/14 03:07, Richar

Re: New wiki page on certificate revocation plans

2014-08-01 Thread Richard Barnes
[mailto:dev-security-policy-bounces+jeremy.rowley=digicert@lists.mozilla.org] > On Behalf Of Richard Barnes > Sent: Thursday, July 31, 2014 8:08 PM > To: mozilla-dev-security-pol...@lists.mozilla.org; > mozilla-dev-tech-cry...@lists.mozilla.org > Subject: New wiki page on certificat

New wiki page on certificate revocation plans

2014-07-31 Thread Richard Barnes
Hi all, We in the Mozilla PKI team have been discussing ways to improve revocation checking in our PKI stack, consolidating a bunch of ideas from earlier work [1][2] and some maybe-new-ish ideas. I've just pressed "save" on a new wiki page with our initial plan: https://wiki.mozilla.org/CA:Re

Re: How to export private key in RSA format from NSS

2014-07-18 Thread Richard Barnes
ext than gecko? --Richard > Now I am trying to decrypt key exported by PK11_ExportEncryptedPrivKeyInfo() > with method SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 directly, which > seems to be the most simple method to decrypt. > > On 2014/7/16 at 1:59 AM, Richard Barnes wrote: >

Re: How to export private key in RSA format from NSS

2014-07-15 Thread Richard Barnes
Have you tried exporting with PK11_ExportDERPrivateKeyInfo? That's what WebCrypto uses to export keys in PKCS#8 format: On Jul 13, 2014, at 10:48 PM, Chuck Lee wrote: > Hi all, > I am now working on supportin