The NSS team has released Network Security Services (NSS) 3.30
New in NSS 3.30:
* In the PKCS#11 root CA module (nssckbi), CAs with positive trust are
marked with a new boolean attribute, CKA_NSS_MOZILLA_CA_POLICY, set to
true. Applications that need to distinguish them from other other root CAs
may use the exported function PK11_HasAttributeSet.
* Support for callback functions that can be used to monitor SSL/TLS alerts
that are sent or received.
* The TLS server code has been enhanced to support session tickets when no
RSA certificate is configured.
* RSA-PSS signatures produced by key pairs with a modulus bit length that
is not a multiple of 8 are now supported.
* The pk12util tool now supports importing and exporting data encrypted in
the AES based schemes defined in PKCS#5 v2.1.