Re: Master Password / personal data encryption

2009-08-19 Thread Marc Kaeser
Thanks, that's a super answer! But what do you think, instead of implementing another module, if I encrypted the whole softoken-database with a binding or sealing key, wouldn't it have the same effect? Instead of storing the tokens in the TPM itself, they'd be on disk, but protected by a tpm

Re: Problem with using crypto accelerator MCA6000 for RSA jobs

2009-08-19 Thread Rishi
On Aug 13, 6:54 pm, Rishi rishirenj...@gmail.com wrote: On Aug 13, 1:32 pm, Rishi rishirenj...@gmail.com wrote: On Aug 13, 6:13 am, Nelson B Bolyard nel...@bolyard.me wrote: On 2009-08-12 03:43 PDT, Rishi Renjith wrote: Hello, I tried creating a NSS database, linking it with

x509 certificate signature algorithm question

2009-08-19 Thread David Keeler
Hello, I have a question that should be pretty simple to answer, but I haven't been able to do so on my own. Is there a (or rather, what is the) difference between having an x509 (ssl) certificate with a signature algorithm of rsa encryption versus sha1 with rsa encryption? (Is it that the

Re: x509 certificate signature algorithm question

2009-08-19 Thread Wan-Teh Chang
On Wed, Aug 19, 2009 at 10:39 AM, David Keelerdkee...@mozilla.com wrote: Hello, I have a question that should be pretty simple to answer, but I haven't been able to do so on my own. Is there a (or rather, what is the) difference between having an x509 (ssl) certificate with a signature

Re: x509 certificate signature algorithm question

2009-08-19 Thread Kyle Hamilton
Typically, that means MD5 with RSA Encryption. On Wed, Aug 19, 2009 at 3:12 PM, David Keelerdkee...@mozilla.com wrote: Wan-Teh Chang wrote: I think rsa encryption is a public key algorithm, where as sha1 with rsa encryption is a signature algorithm. Thank you for the quick response.  This

Re: x509 certificate signature algorithm question

2009-08-19 Thread Nelson B Bolyard
On 2009-08-19 15:12 PDT, David Keeler wrote: Wan-Teh Chang wrote: I think rsa encryption is a public key algorithm, where as sha1 with rsa encryption is a signature algorithm. Thank you for the quick response. This isn't quite what I was getting at, though. I guess my question really

Re: How can I tell what key strength is used to negotiate HTTPS content encryption keys?

2009-08-19 Thread Nelson B Bolyard
On 2009-08-19 11:30 PDT, Justin wells wrote: Hi all, When I visit an HTTPS link I can see what strength of encryption is used to encrypt the content (e.g., 256 bit AES) and if I dig a little I can even see the strength of the certificate used for authentication (e.g., 1024 bit RSA). What I

Re: Problem with using crypto accelerator MCA6000 for RSA jobs

2009-08-19 Thread Nelson B Bolyard
On 2009-08-19 06:30 PDT, Rishi wrote: OK , we have made some progress, we could disable the softtoken by commenting the line softtoken_extra.so in mca.conf in /kernel/drv/. Now we got an SSL handshake error bad MAC. This we thought would be because the crypto card does not support hashing