[Bug 248730] Review Request: nss_compat_ossl - OpenSSL to NSS porting library
bugzilla at redhat.com
bugzilla at redhat.com
Wed Jul 18 19:03:52 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: nss_compat_ossl - OpenSSL to NSS porting library
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248730
------- Additional Comments From rcritten at redhat.com 2007-07-18 15:03 EST -------
A very good question. The biggest problems are CRL management and certificate
validation.
NSS handles CRLs automatically if they are installed into the security database
being used.
And it does certificate validation a bit differently. I do have some limited
support for using a verify_client callback but it is not quite complete.
A broad overview of what it can do are:
* Creating an SSL server listener and accepting requests
* Creating an SSL client socket and making requests
* Ciphers that should be compatible with OpenSSL
* Client certificate authentication
* Random numbers
* Token password prompting/handlng
nss_compat_ossl.h has the complete list of the API but that can be a bit
misleading because some of the functions are no-ops.
It doesn't offer:
- Low-level crypto (DES,etc)
- BIO (a very small portion of that is provided)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the package-review
mailing list