Re: iceweasel x590 vulnerability info

To: Thijs Kinkhorst <thijs@debian.org>
Cc: debian-www@lists.debian.org, team@security.debian.org
Subject: Re: iceweasel x590 vulnerability info
From: Raphael Hertzog <hertzog@debian.org>
Date: Thu, 15 May 2008 13:37:20 +0200
Message-id: <[🔎] 20080515113720.GA4402@ouaza.com>
Mail-followup-to: Thijs Kinkhorst <thijs@debian.org>, debian-www@lists.debian.org, team@security.debian.org
In-reply-to: <[🔎] 200805142336.46170.thijs@debian.org>
References: <[🔎] 200805142336.46170.thijs@debian.org>

On Wed, 14 May 2008, Thijs Kinkhorst wrote:
> Hi guys,
> 
> It would be great if the following could be incorporated into the key-rollover 
> page:
> 
> "The Iceweasel ("firefox") web browser functionality for generating X509 
> public/private keypairs (certificates) is not affected by this vulnerability. 
> Iceweasel uses nss, a different cryptography engine."

Where does Iceweasel offer such a functionnality? I know it can "import"
certificates but "generating"? At least I haven't seen anything like that
in the same window where you handle certificates.

Or is that related to the "Security device" and the way Iceweal can protect
"private information" such as passwords?

Cheers,
-- 
Raphaël Hertzog

Le best-seller français mis à jour pour Debian Etch :
http://www.ouaza.com/livre/admin-debian/

Reply to:

References:
- iceweasel x590 vulnerability info
  - From: Thijs Kinkhorst <thijs@debian.org>

Prev by Date: Re: german translation of http://www.debian.org/security/key-rollover/
Next by Date: gforge
Previous by thread: iceweasel x590 vulnerability info
Next by thread: Suggestion...
Index(es):
- Date
- Thread