[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#7367) [PATCH] MozNSS: update list of supported cipher suites
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#7367) [PATCH] MozNSS: update list of supported cipher suites
- From: hyc@symas.com
- Date: Tue, 30 Oct 2012 23:15:40 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Rich Megginson wrote:
> On 10/03/2012 10:18 AM, Howard Chu wrote:
>> Thanks for your comments, Rich.
>>> Maybe we could use nss_compat_ossl to do the mapping of cipher names
>>> from openssl to moznss?
>>
>> That makes sense to me, although if as you say it hasn't been actively
>> maintained, that sounds like another problem. But certainly if other
>> apps are using it, then aren't they going to want new cipher suite
>> support too?
>>
> Yes, and imho nss_compat_ossl is the place to do this.
>
> But, would it be possible to update the cipher suite list in tls_m.c
> first, to bring it up to date, then work on updating the compat library?
I discussed this with Kurt; the Project's policy on issues like this in the
past has been not to commit any backward-compatibility fixes of this sort
until the real fix has already been released. I.e., we should wait until
nss_compat_ossl has been updated.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/