Re: Firefox cannot act as DHE server

2016-03-10 Thread ors . szabo . hu 
Thanks a lot Martin, will look into that!

Regards,
Ors
___
dev-media mailing list
dev-media@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-media

Re: Firefox cannot act as DHE server

2016-03-10 Thread Martin Thomson 
On Fri, Mar 11, 2016 at 10:18 AM, Nils Ohlmeier  wrote:
> Have you read this hack post already?
> https://hacks.mozilla.org/2015/02/webrtc-requires-perfect-forward-secrecy-pfs-starting-in-firefox-38/

That posting isn't quite relevant, this is:

> TLS_DHE_***RSA***_...

Firefox won't act as server for RSA-based cipher suites without the
certificate management API.

That's here:

https://developer.mozilla.org/fi/docs/Web/API/RTCCertificate

It's perfectly happy to be a client, because the cipher suite doesn't
constrain the certificate that a client can use.
___
dev-media mailing list
dev-media@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-media

Re: Firefox cannot act as DHE server

2016-03-10 Thread Nils Ohlmeier 
Hi Ors,

> On Mar 10, 2016, at 09:12, ors.szabo...@gmail.com wrote:
> I'm getting DTLS handshake failure basically with all FF versions (even with 
> latest nightly build) for a DTLS client hello with the following cipher 
> suites:
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
> 
> Is this a known fault in FF?

Have you read this hack post already?
https://hacks.mozilla.org/2015/02/webrtc-requires-perfect-forward-secrecy-pfs-starting-in-firefox-38/

Best regards
  Nils Ohlmeier


signature.asc
Description: Message signed with OpenPGP using GPGMail
___
dev-media mailing list
dev-media@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-media

Firefox cannot act as DHE server

2016-03-10 Thread ors . szabo . hu 
Hello,

I'm getting DTLS handshake failure basically with all FF versions (even with 
latest nightly build) for a DTLS client hello with the following cipher suites:
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) 
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)

Is this a known fault in FF?

Regards,
Ors
___
dev-media mailing list
dev-media@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-media