When we fix the NSS bug (bug 188856) that broke the DHE ciphersuites, the DHE ciphersuites should be added back to PSM. The patch would be the reverse of the patch in bug 190640.
In addition, fixing this bug would be an opportunity to add cipher TLS_DHE_DSS_WITH_RC4_128_SHA, too.
Created attachment 114781 [details] [diff] [review] Proposed patch This patch adds the DHE cipher suites back. It is the exact reverse of the patch (attachment 112741 [details] [diff] [review]) in bug 190640. I don't know how to add the TLS_DHE_DSS_WITH_RC4_128_SHA cipher as Kai suggested. Please feel free to do that.
Kai, do you know why TLS_DHE_DSS_WITH_RC4_128_SHA was not added before? Was it just an oversight?
Created attachment 114783 [details] [diff] [review] Alternate patch (with TLS_DHE_DSS_WITH_RC4_128_SHA) This patch adds the TLS_DHE_DSS_WITH_RC4_128_SHA cipher suite as well. I add it to the position indicated by the original comment "If this cipher gets included at a later time, it should get added at this position".
Comment on attachment 114783 [details] [diff] [review] Alternate patch (with TLS_DHE_DSS_WITH_RC4_128_SHA) Kai, I have both patches for your review. Please pick the one you want and mark the other one obsolete. The key to reviewing this patch is the position of the TLS_DHE_DSS_WITH_RC4_128_SHA cipher. Thanks.
Comment on attachment 114781 [details] [diff] [review] Proposed patch r=kaie I believe this patch makes most sense until the status of the other cipher is cleared.
Comment on attachment 114781 [details] [diff] [review] Proposed patch These SSL ciphersuites were removed shortly before mozilla 1.3beta because of a bug in NSS (bug 188856). Now that the underlying NSS has been fixed, I'd like to add these SSL ciphersuites back.
Comment on attachment 114781 [details] [diff] [review] Proposed patch a=asa (on behalf of drivers) for checkin to 1.3.
Patch checked in for mozilla 1.3. Kai, I don't know which PSM target milestone I should set it to.