On 2010-05-15 01:35 PDT, Wan-Teh Chang wrote: > On Fri, May 14, 2010 at 11:18 PM, Nelson B Bolyard <nel...@bolyard.me> wrote: >> I looked through PSM for such a warning briefly. I found a warning for >> sites that use symmetric encryption of strength <= 90 bits, but I found >> nothing that specifically looks at public key strength. If I know the >> exact text of the warning to which you're referring, I can tell exactly >> what triggers it. > > I remember John Myers was interested in or work on the weak > server key/cert issue. But the only bug I can find is > https://bugzilla.mozilla.org/show_bug.cgi?id=31896 > which might be what Nelson found.
Yes, I found the code that was added for that bug. > So PSM may not be warning about a weak server key/cert. > > Wan-Teh -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto