Steffen Schulz wrote:
> Is there a reason for not activating TLS ciphersuites by default?
Yes, backwards binary compatibility. It is common for old products to
replace their old NSS shared libraries with the latest ones to obtain
the latest bug fixes (and/or vulnerability fixes). They do not wa
On 070825 at 02:10, Nelson B wrote:
> IIRC, the problem is not DSA but rather DHE. NSS does not presently
> support any DHE cipher suites on the server side, and it so happens
> that all the DSA cipher suites are also DHE cipher suites. IIRC,
> the missing code is not for DSA but for DHE. The is
On 070824 at 03:20, Wan-Teh Chang wrote:
> > Is usage of DSA-suites disencouraged? How can I test them?
> No, the use of DSA ciphersuites is not discouraged. But we haven't
> implemented DSA ciphersuites on the server side. They are only
> implemented on the client side. I believe this is the pr
Wan-Teh Chang wrote:
> On 8/23/07, Steffen Schulz <[EMAIL PROTECTED]> wrote:
>> Hi,
>>
>> I want to test DSA ciphersuites, but 'server' and 'selfsrv' seem to be
>> unable to handle them.
>>
>> I changed the source to enable some TLS-DSA suites but it seems
>> the ssl library is not being supplied w
On 070824 at 16:47, Wan-Teh Chang wrote:
> On 8/24/07, Steffen Schulz <[EMAIL PROTECTED]> wrote:
> Yes, most of the missing code is in the SSL library. There is a
> work-in-progress patch in the bug report for this feature:
> https://bugzilla.mozilla.org/show_bug.cgi?id=102794
I see.
No, I'm cu
On 8/24/07, Steffen Schulz <[EMAIL PROTECTED]> wrote:
>
> Okay. How much is missing to use DSA-suites in the 'server' sample
> program? The calls to look up the certificate and supply it to ssl look
> rather generic. OTOH, the server signing routines in the ssl library
> seem to be missing..
Yes,
On 070824 at 03:20, Wan-Teh Chang wrote:
> > Is usage of DSA-suites disencouraged? How can I test them?
> No, the use of DSA ciphersuites is not discouraged. But we haven't
> implemented DSA ciphersuites on the server side. They are only
> implemented on the client side. I believe this is the pr
On 8/23/07, Steffen Schulz <[EMAIL PROTECTED]> wrote:
> Hi,
>
>
> I want to test DSA ciphersuites, but 'server' and 'selfsrv' seem to be
> unable to handle them.
>
> I changed the source to enable some TLS-DSA suites but it seems
> the ssl library is not being supplied with a valid certificate.
>
>
Hi,
I want to test DSA ciphersuites, but 'server' and 'selfsrv' seem to be
unable to handle them.
I changed the source to enable some TLS-DSA suites but it seems
the ssl library is not being supplied with a valid certificate.
I created the dsa certificates with:
openssl pkcs12 -export -in dsa
9 matches
Mail list logo
