On Wen, 03 Jun 2009, Nelson B Bolyard wrote:
Finally, I will add that (IINM) Thunderbird 3 has support for AES.
I don't know about the SHA1 vs SHA2 issue.
No, it hasn't, TB hardcodes SHA1. No variations:
----( begin cite )--------
nsresult
nsMsgComposeSecure::MimeInitMultipartSigned()
{
...
/* Now initialize the crypto library, so that we can compute a hash
on the object which we are signing.
*/
mHashType = nsICryptoHash::SHA1;
PR_SetError(0,0);
mDataHash = do_CreateInstance("@mozilla.org/security/hash;1", &rv);
if (NS_FAILED(rv)) return 0;
rv = mDataHash->Init(mHashType);
...
----( end cite )--------
[https://mxr.mozilla.org/comm-central/source/mailnews/extensions/smime/src/nsMsgComposeSecure.cpp#496]
On Thu, 04 Jun 2009, Nelson B Bolyard wrote:
On 2009-07-02 02:20 PDT, Jean-Marc Desperrier wrote:
I'm not very well placed to give a specification, but it seems it's really nothing more
than "take sMIMECapabilities, include it inside x509".
It would be good to include the RFE also in Dogtag then.
I have subsequently learned that this is specified in RFC 4262.
I have filed RFEs for NSS and for Dogtag. I CC'ed you on the NSS RFE.
https://bugzilla.mozilla.org/show_bug.cgi?id=502139
This enhancement will be useless until Mozilla/"MailNews Core" attends these
capabilities. Given that TB security enhancements are stalled for years, I wouldn't rely
on this.
Best regards,
--
Konstantin Andreev, software engineer.
Swemel JSC
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
