From owner-freebsd-gecko@FreeBSD.ORG Thu Mar 12 01:05:04 2015 Return-Path: Delivered-To: gecko@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5A3C22C0 for ; Thu, 12 Mar 2015 01:05:04 +0000 (UTC) Received: from mail.hacknet.eu (mail.hacknet.eu [217.92.244.29]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.hacknet.eu", Issuer "DACS Labs." (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id EDC1DA82 for ; Thu, 12 Mar 2015 01:05:03 +0000 (UTC) Received: from localhost ([192.168.1.4]) (authenticated bits=0) by mail.hacknet.eu (8.14.9/8.14.9) with ESMTP id t2C0xD4a058118 for ; Thu, 12 Mar 2015 01:59:13 +0100 (CET) (envelope-from ddm@dacs-labs.com) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dacs-labs.com; s=default; t=1426121954; bh=Y5jNY9da+ySKl/2AYXUGrlcVTfG9YubfUzMgNR6ke5A=; h=Subject:From:To:Date; b=lf+cYNPVSed86Qnnt1q+vRQm4bd3ZtSL5qu+27ww5Ai4T+Q6Czq9iAZNThd6rr83Z mZAEcK+mTzXvSnXc3UhejcJD3/DHCZDHkmtoy+on1erRRsyHE3Irr1WzYMbGeLtDLT eeUnyiPflEAcnFk+7SYD9a6iYEKsfUXgfIpwxZkM= Subject: Firefox Cipher From: "Del Monego, Dirk" To: gecko@FreeBSD.org User-Agent: Tine 2.0 Email Client (version Koriander - 2014.09.8) Organization: DACS Labs. Message-Id: <4e25ed5dae7a5193a253345dfb1308feb0e749c3@dacs-labs.com> X-MailGenerator: Tine 2.0 Date: Thu, 12 Mar 2015 00:59:13 +0000 Content-Type: multipart/mixed; charset=UTF-8; boundary="=_9e75b15d012592757e71cc8bb02e0a89" MIME-Version: 1.0 X-Spam-Status: No, score=-2.9 required=12.0 tests=ALL_TRUSTED,BAYES_00, HTML_MESSAGE autolearn=ham autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mail.hacknet.eu X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 X-BeenThere: freebsd-gecko@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Gecko Rendering Engine issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Mar 2015 01:05:04 -0000 This is a message in Mime Format. If you see this, your mail reader does not support this format. --=_9e75b15d012592757e71cc8bb02e0a89 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi all,=0A=0Afirst of all many thanks for maintaining the Firefox port!= I regionized that a very important Cipher=0Ais not included in Firefox:= =0ADHE-RSA-AES256-GCM-SHA256=0A=0Aonly the ECDHE version is supported. I= n fact ECDHE is compromized because its based on=0ANIST curves which usi= ng prime fields instead of a "real" prime generator.=0AI patch my Firefo= x for month and it works absolutely fine. =0A=0AOnly the files:=0AnsNSSC= omponent.cpp and=0Asecurity-prefs.js=0Aneed small patches. I attach the= diffs.=0A=0AI think it would be nice if Firefox supports the cipher "ou= t of the box".=0A=0ABest regards Dirk=0A=0A --=_9e75b15d012592757e71cc8bb02e0a89 Content-Type: undefined; name="=?utf-8?Q?nsNSSComponent.cpp-patch?=" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?Q?nsNSSComponent.cpp-patch?=" LS0tIHdvcmsvbW96aWxsYS1yZWxlYXNlL3NlY3VyaXR5L21hbmFnZXIvc3NsL3NyYy9uc05TU0Nv bXBvbmVudC5jcHAJMjAxNS0wMS0wOSAwNTozODoyOC4wMDAwMDAwMDAgKzAxMDAKKysrIHdvcmtf bmV3L21vemlsbGEtcmVsZWFzZS9zZWN1cml0eS9tYW5hZ2VyL3NzbC9zcmMvbnNOU1NDb21wb25l bnQuY3BwCTIwMTUtMDEtMjIgMjM6MTA6MDkuNDM5MTIwMjk0ICswMTAwCkBAIC02NDYsNiArNjQ2 LDkgQEAKICB7ICJzZWN1cml0eS5zc2wzLmVjZGhlX3JzYV9kZXNfZWRlM19zaGEiLAogICAgVExT X0VDREhFX1JTQV9XSVRIXzNERVNfRURFX0NCQ19TSEEsIGZhbHNlIH0sIC8vIGRlcHJlY2F0ZWQg KDNERVMpCiAKK3sgInNlY3VyaXR5LnNzbDMuZGhlX3JzYV9hZXNfMTI4X2djbV9zaGEyNTYiLAor ICAgVExTX0RIRV9SU0FfV0lUSF9BRVNfMTI4X0dDTV9TSEEyNTYsIHRydWUgfSwKKwogIHsgInNl Y3VyaXR5LnNzbDMuZGhlX3JzYV9hZXNfMTI4X3NoYSIsCiAgICBUTFNfREhFX1JTQV9XSVRIX0FF U18xMjhfQ0JDX1NIQSwgdHJ1ZSB9LAogCg== --=_9e75b15d012592757e71cc8bb02e0a89 Content-Type: undefined; name="=?utf-8?Q?security-prefs.js-patch?=" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="=?utf-8?Q?security-prefs.js-patch?=" LS0tIHdvcmsvbW96aWxsYS1yZWxlYXNlL25ldHdlcmsvYmFzZS9wdWJsaWMvc2VjdXJpdHktcHJl ZnMuanMJMjAxNS0wMS0wOSAwNTozODoyNi4wMDAwMDAwMDAgKzAxMDAKKysrIHdvcmtfbmV3L21v emlsbGEtcmVsZWFzZS9uZXR3ZXJrL2Jhc2UvcHVibGljL3NlY3VyaXR5LXByZWZzLmpzCTIwMTUt MDEtMjIgMjM6MTA6MDEuMTQ5MTIxMjYwICswMTAwCkBAIC0yNSw2ICsyNSw3IEBACiBwcmVmKCJz ZWN1cml0eS5zc2wzLmVjZGhlX3JzYV9hZXNfMjU2X3NoYSIsIHRydWUpOwogcHJlZigic2VjdXJp dHkuc3NsMy5lY2RoZV9lY2RzYV9hZXNfMjU2X3NoYSIsIHRydWUpOwogcHJlZigic2VjdXJpdHku c3NsMy5lY2RoZV9yc2FfZGVzX2VkZTNfc2hhIiwgZmFsc2UpOworcHJlZigic2VjdXJpdHkuc3Ns My5kaGVfcnNhX2Flc18xMjhfZ2NtX3NoYTI1NiIsIHRydWUpOwogcHJlZigic2VjdXJpdHkuc3Ns My5kaGVfcnNhX2Flc18xMjhfc2hhIiwgdHJ1ZSk7CiBwcmVmKCJzZWN1cml0eS5zc2wzLmRoZV9y c2FfY2FtZWxsaWFfMTI4X3NoYSIsIGZhbHNlKTsKIHByZWYoInNlY3VyaXR5LnNzbDMuZGhlX3Jz YV9hZXNfMjU2X3NoYSIsIHRydWUpOwo= --=_9e75b15d012592757e71cc8bb02e0a89--