cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Security question about SSL Beast

From: Yang Tse <yangsita_at_gmail.com>
Date: Mon, 23 Apr 2012 17:06:27 +0200

On Mon, Apr 23, 2012 at 2:01 PM, Kamil Dudka <kdudka_at_redhat.com> wrote:

> You can try to compile libcurl against NSS instead of OpenSSL. �NSS uses
> another approach to prevent this kind of attack and does not send empty
> packets.

Honest question...

Which is current situation regarding libnsspem library availability
outside of RH universe? It seems it is required in order to allow
usage and interoperability with PEM certificates.

-- 
-=[Yang]=-
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2012-04-23

This message: [ Message body ]
Next message: Jochen Roderburg: "Re: Problem with special character # on target file"
Previous message: Dan Fandrich: "Re: Problem with special character # on target file"
In reply to: Kamil Dudka: "Re: Security question about SSL Beast"
Next in thread: Kamil Dudka: "Re: Security question about SSL Beast"
Reply: Kamil Dudka: "Re: Security question about SSL Beast"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]