On 20/03/2010 03:01, Mountie Lee wrote:
the CertificateVerify step of SSL handshaking procedure does not support
SHA256 in current firefox.
right?
As Wan-Teh said a little above, supporting this requires TLS1.2, which
is not implemented today in NSS, the cryptographic library used by Firefox.
2010/3/19 Mountie Lee :
> Hi.
> I got to understand the differences and limitations.
> personal certificate signed by CA with SHA256 is OK in current firefox.
> the CertificateVerify step of SSL handshaking procedure does not support
> SHA256 in current firefox.
> right?
Yes, that's right.
Does O
Hi.
I got to understand the differences and limitations.
personal certificate signed by CA with SHA256 is OK in current firefox.
the CertificateVerify step of SSL handshaking procedure does not support
SHA256 in current firefox.
right?
regards.
mountie.
On Sat, Mar 20, 2010 at 10:53 AM, Wan-Te
On Fri, Mar 19, 2010 at 6:50 PM, Wan-Teh Chang wrote:
> 2010/3/19 Mountie Lee :
>> Hi.
>> sha256 certificate means
>> client certificate using sha256 for ssl client authentication.
>
> If you mean the signature in the TLS/SSL CertificateVerify message,
> then only TLS 1.2 allows you to use a SHA-2
2010/3/19 Mountie Lee :
> Hi.
> sha256 certificate means
> client certificate using sha256 for ssl client authentication.
If you mean the signature in the TLS/SSL CertificateVerify message,
then only TLS 1.2 allows you to use a SHA-256 signature, and NSS
doesn't support TLS 1.2 yet.
Wan-Teh
--
d
hi.
I read the thread #542441.
that is about mime type handling in firefox.
and has no relation with my question.
On Fri, Mar 19, 2010 at 4:09 PM, Gen Kanai wrote:
>
>
> On 3/19/10 3:37 PM, Nelson B Bolyard wrote:
> > On 2010/03/18 19:55 PST, Mountie Lee wrote:
> >
> >> Hi. all. I'm Mountie Lee
Hi.
sha256 certificate means
client certificate using sha256 for ssl client authentication.
regards.
mountie.
2010/3/20 Hanno Böck
> Am Freitag 19 März 2010 schrieb Mountie Lee:
> > May I ask Firefox has plan to support SHA256 in near future or
> > URL link for discussion thread?
>
> I have set
Am Freitag 19 März 2010 schrieb Mountie Lee:
> May I ask Firefox has plan to support SHA256 in near future or
> URL link for discussion thread?
I have set up a test site with sha256/sha512 certificates and they work pretty
well within all browsers I've tested including firefox. See here:
http://h
hi thanks for your mail
I comment line by line
Mountie
2010. 3. 19. 15:37 Nelson B Bolyard 작성:
On 2010/03/18 19:55 PST, Mountie Lee wrote:
Hi. all. I'm Mountie Lee of PayGate, Korea.
Welcome.
in Korea, National PKI is becoming big issue maker. one of good
considerations is storing Natio
On 3/19/10 3:37 PM, Nelson B Bolyard wrote:
> On 2010/03/18 19:55 PST, Mountie Lee wrote:
>
>> Hi. all. I'm Mountie Lee of PayGate, Korea.
>>
> Welcome.
>
>
>> in Korea, National PKI is becoming big issue maker. one of good
>> considerations is storing National Certificate to Browser
On 2010/03/18 20:09 PST, Gen Kanai wrote:
> KISA = Korea Internet Security Agency (a Korean government body that
> manages infosec policy.)
Yeah, the NSS team has had a fair amount of interaction with KISA in the
past, such as when we integrated their implementations of SEED and the TLS
SEED ciphe
On 2010/03/18 19:55 PST, Mountie Lee wrote:
> Hi. all. I'm Mountie Lee of PayGate, Korea.
Welcome.
> in Korea, National PKI is becoming big issue maker. one of good
> considerations is storing National Certificate to Browser KeyStore.
Are you talking about a root CA certificate?
Or a user's own
Hi!
On Mar 19, 12:22 pm, Mountie Lee wrote:
> Hi.
> thanks for your fast reply.
>
> I understand NSS support SHA256 from 2003 with version 3.8
>
> does the latest firefox use the latest NSS library?
>
> best regards.
> mountie.
Current Firefox 3.5.8 and 3.6.1 seem to include NSS 3.12.5.
regar
Hi.
thanks for your fast reply.
I understand NSS support SHA256 from 2003 with version 3.8
does the latest firefox use the latest NSS library?
best regards.
mountie.
On Fri, Mar 19, 2010 at 12:06 PM, Kurt Seifried wrote:
> Replying off list.
>
> 10 April 2003: NSS 3.8 Release
>
> The new feat
KISA = Korea Internet Security Agency (a Korean government body that
manages infosec policy.)
http://www.kisa.or.kr/eng/index.jsp
On 3/19/10 11:55 AM, Mountie Lee wrote:
> Hi. all.
> I'm Mountie Lee of PayGate, Korea.
>
> in Korea, National PKI is becoming big issue maker.
> one of good considera
Hi. all.
I'm Mountie Lee of PayGate, Korea.
in Korea, National PKI is becoming big issue maker.
one of good considerations is
storing National Certificate to Browser KeyStore.
also KISA has planned to upgrade certificate specification using SHA256 hash
algorithm in next year.
but current firefox
16 matches
Mail list logo
