Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: nss_compat_ossl - OpenSSL to NSS porting library https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248730 ------- Additional Comments From rcritten@xxxxxxxxxx 2007-07-18 15:03 EST ------- A very good question. The biggest problems are CRL management and certificate validation. NSS handles CRLs automatically if they are installed into the security database being used. And it does certificate validation a bit differently. I do have some limited support for using a verify_client callback but it is not quite complete. A broad overview of what it can do are: * Creating an SSL server listener and accepting requests * Creating an SSL client socket and making requests * Ciphers that should be compatible with OpenSSL * Client certificate authentication * Random numbers * Token password prompting/handlng nss_compat_ossl.h has the complete list of the API but that can be a bit misleading because some of the functions are no-ops. It doesn't offer: - Low-level crypto (DES,etc) - BIO (a very small portion of that is provided) -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review