Mozilla - Security

This forum is an archive for the mailing list dev-security@lists.mozilla.org (more options) Messages posted here will be sent to this mailing list.
Security issues such as specific security problems or ideas for making the code as a whole more secure can be discussed here. Cryptography, however, is not within this group's charter.
1234567 ... 25
Topics (862)
Replies Last Post Views
Why a fake certificate can pass validation? by chenyt.cs.sjtu
1
by Hubert Kario
"Permission denied to access property 'apply'" for wrapped functions by Jordan Santell
7
by Bobby Holley-3
Why a fake certificate can be verified by chenyt.cs.sjtu
0
by chenyt.cs.sjtu
Why not DNS records Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure by Ryan Sleevi-2
9
by Kevin Chadwick-2
OpenSSL Library Call Redirection, OpenPGP, DANE by Coyo
0
by Coyo
Personal Certificate importing learning by Rachel McGuigan
0
by Rachel McGuigan
CCC security conference 31C3 by Ben Bucksch
0
by Ben Bucksch
Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure) by Jeffrey Walton
5
by Ryan Sleevi-3
Insecure Password Fields and Firefox Developer Edition by Tanvi Vyas-2
15
by Gervase Markham
Proposal: Marking HTTP As Non-Secure by Dominick Marciano
4
by Chris Palmer
Possible bug/issue with TLS 1.2 client authentication between IE and Apache+NSS? by James Chappell
0
by James Chappell
Circumstances cause CBC often to be preferred over GCM modes by Hanno Böck-4
11
by ianG-2
RE: Marking HTTP As Non-Secure by Cypher G
0
by Cypher G
Globalsign screwup with OCSP (and I've no idea how to file the bug in Firefox) by Kyle Hamilton-2
1
by David Keeler-2
TLS 1.2 support by NSS for flash by sachin gupta
0
by sachin gupta
Cross Compilation of NSS by sachin gupta
0
by sachin gupta
Communicating that unsupported browsers cannot be used by Ben Bucksch
18
by Kevin Chadwick-2
Showing OCSP calls in the Network tab by Eric Mill
6
by Daniel Veditz-2
NSS modutil: Adding a PKCS#11 module with a PIN and storing PIN in nssdb by Mike Gerow
4
by Anders Rundgren-2
https connection to PayPal without identity information by Rainer
3
by Daniel Veditz-2
Valuable Mozilla Firefox Security powered by WorldIP free firefox add-on by Peter Moszczyński
2
by Alex Jordan
NSS_InitReadWrite missing in nss3.dll by mludha
1
by Daniel Veditz-2
how to disable sslv3 in nss? by Lois Janes
7
by Kyle Hamilton
Time to dump NSS by Anders Rundgren-2
0
by Anders Rundgren-2
Testing mozilla::pkix by alexrait
1
by David Keeler-2
TLS client authentication: (re)selecting identity & logging out by Ben de Graaff
0
by Ben de Graaff
What information should nsISSLStatus expose by Tom Schuster
1
by Martin Thomson
trouble opening web pages by april22c
0
by april22c
Re: Rationale for filling in passwords only on a tab keystroke by Matthew N.
0
by Matthew N.
Adding our organizations root CA to nssckbi.dll by havealoha
1
by Robert Strong
IP based virtual hosts are not working properly after upgrading Mozilla NSS by peterzhao2007
0
by peterzhao2007
IP-based virtual hosts are not working properly after upgrading mozilla-nss, mozilla-nss-tools and apache2-mod_nss by peterzhao2007
0
by peterzhao2007
Rationale for filling in passwords only on a tab keystroke by Daniel Glus
1
by Tanvi Vyas
creating exceptions in the firefox store. by McCafferty, Richard
0
by McCafferty, Richard
bug: HTTPS indicator broken in some cases by kyprizel
2
by Tanvi Vyas
1234567 ... 25