Le 10 juin 2013 07:06, "Florian Weimer" <email@example.com> a écrit :
> * Bastien ROUCARIES:
> > Maybe crypto consolidation arround libnss will greatly help here.
> > jessie release goal ?
> NSS has lots of global state, and its proper initialization from
> another library is difficult.
Could you give some pointer?
Switching over to it is probably
> doable, but it's not really straightforward.
On the other hand, the
> TLS implementation in NSS has been doing host name validation for a
> long time, which is still problematic with some of the other
> NSS has its own problems with SUID/SGID binaries, but these could be
> addressed by switching PR_GetEnv to secure_getenv.
Could you also give some pointer?
I will open a wiki page
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org
> Archive: email@example.com">http://firstname.lastname@example.org