Open Bug 340044 Opened 19 years ago Updated 3 years ago

Implement TLS server side of "fixed_ECDH" client auth methods

Categories

(NSS :: Libraries, defect, P3)

3.11.1

Tracking

(Not tracked)

People

(Reporter: nelson, Unassigned)

Details

RFC 4492 (ECC in TLS) defines 3 methods for client authentication. NSS presently implements only the first one: ECDSA_sign, which is most like the client auth method used with RSA certs. This RFE asks for NSS to implement the other two, ECDSA_fixed_ECDH and RSA_fixed_ECDH, on the server side, so that an NSS server can ask a remote TLS client to authenticate with these methods instead of, or in addition to, the ECDSA_sign.
Note that presently, NSS servers configured to request client auth for ECC will always request the method ECDSA_sign, and all the desktop ECC TLS clients are believed to implement this method.
Priority: -- → P3
Severity: normal → S3
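
The three methods named in this bug travel as ClientCertificateType values at the start of the server's CertificateRequest message. The following is an added example, not NSS code and not part of the bug report: it reads that `certificate_types` vector and reports which ECC methods a server is requesting. The function name, the `M_*` flags and the sample byte arrays are constructed for illustration; the code points are those of RFC 4492, section 5.5.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ClientCertificateType code points from RFC 4492, section 5.5. */
enum { CT_ECDSA_SIGN = 64, CT_RSA_FIXED_ECDH = 65, CT_ECDSA_FIXED_ECDH = 66 };

/* Result flags (hypothetical names, defined only for this example). */
#define M_ECDSA_SIGN       0x1
#define M_RSA_FIXED_ECDH   0x2
#define M_ECDSA_FIXED_ECDH 0x4

/* Parse the certificate_types<1..2^8-1> vector that opens a CertificateRequest
 * body. Returns a mask of M_* flags, or -1 if the vector is malformed. */
int ecc_client_auth_methods(const uint8_t *body, size_t len)
{
    int mask = 0;
    size_t n, i;

    if (body == NULL || len < 1)
        return -1;
    n = body[0];                 /* one-byte length prefix */
    if (n == 0 || n > len - 1)   /* empty, or runs past the buffer */
        return -1;
    for (i = 1; i <= n; i++) {
        switch (body[i]) {
        case CT_ECDSA_SIGN:       mask |= M_ECDSA_SIGN;       break;
        case CT_RSA_FIXED_ECDH:   mask |= M_RSA_FIXED_ECDH;   break;
        case CT_ECDSA_FIXED_ECDH: mask |= M_ECDSA_FIXED_ECDH; break;
        default: break;          /* non-ECC types such as rsa_sign(1) */
        }
    }
    return mask;
}

/* Constructed sample bodies: types vector, then an empty CA list (00 00). */
static const uint8_t sample_sign_only[] = { 0x01, 0x40, 0x00, 0x00 };
static const uint8_t sample_all_ecc[]   = { 0x03, 0x40, 0x41, 0x42, 0x00, 0x00 };
static const uint8_t sample_truncated[] = { 0x03, 0x40 };

int main(void)
{
    printf("sign only: %d\n", ecc_client_auth_methods(sample_sign_only, sizeof sample_sign_only));
    printf("all ECC:   %d\n", ecc_client_auth_methods(sample_all_ecc, sizeof sample_all_ecc));
    printf("truncated: %d\n", ecc_client_auth_methods(sample_truncated, sizeof sample_truncated));
    return 0;
}
```

A server behaving as the report describes would produce only the `M_ECDSA_SIGN` flag for its ECC request.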