Help

2010-04-14 Thread 虎 季
I am an engineer working in mozilla China, I'm going to provide a solution for Chinese banks which support IE only in China now. The problem I met is that: There are many vendors who supply smart-cards for banks, they have implemented the pkcs#11 modules(maybe implemented most parts of p

Re: "some parts are unencrypted", but what parts?

2010-04-14 Thread Nelson B Bolyard
On 2010/04/14 04:15 PDT, Developer wrote: > Hello, > After test several pages with Firefox, in HTTPS mode. > > Why I can not know what part of page is unencrypted? > I see a warning of "some parts are unencrypted", but what parts? > A very big problem using data scheme under https downloaded page

Re: Alerts on TLS Renegotiation

2010-04-14 Thread Eddy Nigg
On 04/14/2010 02:58 AM, Marsh Ray: Here are some excerpts from http://tools.ietf.org/html/rfc5746 I tried to cut out some of the irrelevant details so as not to "desensitize" everybody with too much information :-) Thanks for your response here... So the RFC RECOMMENDED many times against

NSS Completes its 5th FIPS validation

2010-04-14 Thread Robert Relyea
The NSS team just completed its 5th FIPS validation with NSS 3.12.4. NSS again has been validated up to Level-2 on Solaris (#1279, sparc and x86), Level-2 on RHEL5 (#1280, 64 and 32 bit), and Level-1 on Mac and Windows (#1278). In 1997, NSS was the first software module to get FIPS Level-2 validat

Re: how to use own CRL_callback

2010-04-14 Thread huican
Hello Bob, Thanks for your reply... I have more questions inline ;< On Wed, Apr 14, 2010 at 5:15 PM, Robert Relyea wrote: > On 04/14/2010 02:58 PM, huican wrote: >> Hello, >> >> I am new to NSS crypto, I just wonder whether there is any easy way to >> use my own crl_callback function for CRL che

Re: how to use own CRL_callback

2010-04-14 Thread Robert Relyea
On 04/14/2010 02:58 PM, huican wrote: > Hello, > > I am new to NSS crypto, I just wonder whether there is any easy way to > use my own crl_callback function for CRL check. > No, there isn't a callback, there is a verify function that allows you to control just about every possible semantic of re

how to use own CRL_callback

2010-04-14 Thread huican
Hello, I am new to NSS crypto, I just wonder whether there is any easy way to use my own crl_callback function for CRL check. I have a situation that some other process downloaded/parsed the CRLs into a shared memory (so not in NSS DB) already, also FYI that shared memory is a hashtable which st

"some parts are unencrypted", but what parts?

2010-04-14 Thread Developer
Hello, After test several pages with Firefox, in HTTPS mode. Why I can not know what part of page is unencrypted? I see a warning of "some parts are unencrypted", but what parts? A very big problem using data scheme under https downloaded page (old bug) but difficult to locate it first time. Same