gecko-dev/security
David Keeler 1e53398a23 bug 1182742 - allow users to override small key size errors r=rbarnes
Key size enforcement for TLS certificates happens at two levels: PSM and NSS.
PSM enforces a minimum of 1024 bits. NSS enforces a minimum of 1023 bits by
default. The NSS error is not overridable, but the PSM error is. This change
allows users to connect to devices with small RSA keys (as little as 512 bits)
using the certificate error override functionality.

MozReview-Commit-ID: 2TZ8c4I3hXC

--HG--
extra : rebase_source : a9c550f15261c711e789a670c90c129c65802ff0
2016-04-11 13:45:47 -07:00
..
apps Bug 1260643 - Convert most uses of ScopedCERTCertificate in PSM to UniqueCERTCertificate. r=keeler 2016-04-20 01:14:22 -07:00
certverifier Bug 1260643 - Convert most uses of ScopedCERTCertificate in PSM to UniqueCERTCertificate. r=keeler 2016-04-20 01:14:22 -07:00
manager bug 1182742 - allow users to override small key size errors r=rbarnes 2016-04-11 13:45:47 -07:00
nss Bug 1258375, NSS_3_24_BETA6 and required adjustments to PSM and packaging, r=martin.thomson, r=glandium 2016-04-12 14:40:44 +02:00
patches Bug 1137470, remove the documentation patch file, because it's no longer reverted locally, DONTBUILD 2015-03-20 13:38:13 +01:00
pkix bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r=Cykesiopka,mgoodwin 2016-02-09 10:14:27 -08:00
sandbox Bug 1261751 - Problems with OS X Sandboxed TempDir and Rules. r=bobowen r=gcp 2016-04-16 09:00:29 +02:00