Re: Adding Ciphers
Julien Pierre wrote: > Jay Potter wrote: > >Any suggestions on what I would need to do to get this implimented? > > A lot of convincing that it is worth doing, to begin with. IMO, > pre-shared keys have no place in a general-purpose Internet browser such > as Mozilla. The authors of RFC4279 agree - see section 1.1 . > > " The ciphersuites defined in this document are intended for a rather > limited set of applications, usually involving only a very small > number of clients and servers. Even in such environments, other > alternatives may be more appropriate." That was added mostly to keep the still-waiting-for-PKI-to-start-working crowd appeased. I don't think it reflects the opinions of most TLS-PSK users, and shouldn't have any bearing on support of TLS-PSK in Mozilla. (This could turn into a religious debate, but IMHO properly-implemented TLS-PSK is one of the strongest anti-phishing measures that could be added to current web browsers). Peter. ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Wanted: public https servers that request client auth
Do you know of an https server, directly reachable on the Internet, that requests (and/or requires) SSL/TLS client authentication? That is, one that requests that the client send a certificate to the server identifying the client, during the SSL/TLS handshake? If so, please send me (of this list) the URL of one or more. I'd like ot amass a list of them. Thanks. -- Nelson B ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Wanted: public https servers that request client auth
Nelson B wrote: Do you know of an https server, directly reachable on the Internet, that requests (and/or requires) SSL/TLS client authentication? That is, one that requests that the client send a certificate to the server identifying the client, during the SSL/TLS handshake? If so, please send me (of this list) the URL of one or more. I'd like ot amass a list of them. Thanks. https://secure.cacert.org -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Because e164.arpa is a tax on VoIP "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: Wanted: public https servers that request client auth
Duane wrote: > Nelson B wrote: > >> Do you know of an https server, directly reachable on the Internet, >> that requests (and/or requires) SSL/TLS client authentication? >> If so, please send me (of this list) the URL of one or more. >> I'd like ot amass a list of them. >> >> Thanks. > > https://secure.cacert.org Thanks, Duane. Your site will appear at the top of my list. Any others, anyone? -- Nelson B ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
