3 November This code is in the upstream trunk now, so this content is mainly an archive of its history. In order to specify our own encapsulated content types in CMS messages, we need some API help from NSS that's in 3.12.10 or later. * https://bugzilla.mozilla.org/show_bug.cgi?id=584224 * https://bugzilla.mozilla.org/show_bug.cgi?id=491918 Some peers that generate version 3 signed data can't be verified without this fix to NSS that should be in 3.12.11 or later: * https://bugzilla.mozilla.org/show_bug.cgi?id=602509 RSA mode doesn't work against Windows Server 2003/2003r2 unless a change is made to accommodate the server interpreting the CMS specification in a way that doesn't match my reading of the spec, fixed in 3.13 and later (going by RCS IDs from the bug report and the 3.13 source tree): * https://bugzilla.mozilla.org/show_bug.cgi?id=679377 RSA mode doesn't work against Windows Server 2008/2008r2 unless a different change is made to accommodate the server interpreting the CMS specification in a way that also doesn't match my reading of the spec, fixed in 3.13 and later: * https://bugzilla.mozilla.org/show_bug.cgi?id=679380 We also depend on the PEM module in order to process FILE: and DIR: identity types. * https://bugzilla.mozilla.org/show_bug.cgi?id=402712 * DH mode interoperates with the OpenSSL implementation and WS2008. * RSA mode interoperates with the OpenSSL implementation, WS2003, and WS2008. * anonymous mode interoperates with the OpenSSL implementation. * FILE: keys and certificates work if libnsspem is available. * DIR: keys and certificates work if libnsspem is available. * PKCS11: keys and certificates should work. * PKCS12: sources work, though we do some shenanigans with a temporary directory to avoid making permanent changes to databases. (NSS's sqlite storage backend already expects that the temporary directory is writable, so it's not new.) * NSS: sources work. * CRL caching APIs succeed and we honor the "pkinit_require_crl_checking" option, with the exception that we allow for a CRL to be missing if the certificate contains an AuthorityInfoAccess extension with an OCSP responder. NSS will check with that responder unless a CRL tells it that the certificate is revoked (i.e., if the CRL is found and doesn't include the certificate's serial number, NSS will still attempt OCSP). * The string format of subject and issuer distinguished names as generated by NSS doesn't always match OpenSSL's, so the contents of mapping files may need to be adjusted, or we'll have to start parsing the names ourselves.