diff options
Diffstat (limited to 'system/mozilla-nss/faq.html')
| -rw-r--r-- | system/mozilla-nss/faq.html | 364 |
1 files changed, 0 insertions, 364 deletions
diff --git a/system/mozilla-nss/faq.html b/system/mozilla-nss/faq.html deleted file mode 100644 index 176fe8f883..0000000000 --- a/system/mozilla-nss/faq.html +++ /dev/null @@ -1,364 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> -<html> -<head> -<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> -<link rel="top" title="Home" href="http://www.mozilla.org/"> -<link rel="stylesheet" type="text/css" href="../../../../css/print.css" media="print"> -<link rel="stylesheet" type="text/css" href="../../../../css/base/content.css" media="all"> -<link rel="stylesheet" type="text/css" href="../../../../css/cavendish/content.css" title="Cavendish" media="screen"> -<link rel="stylesheet" type="text/css" href="../../../../css/base/template.css" media="screen"> -<link rel="stylesheet" type="text/css" href="../../../../css/cavendish/template.css" title="Cavendish" media="screen"> -<link rel="icon" href="../../../../images/mozilla-16.png" type="image/png"> - -<TITLE>NSS FAQ</TITLE> -<script src="../../../../__utm.js" type="text/javascript"></script> -</head> -<body id="www-mozilla-org" class="secondLevel sectionDevelopers"> -<div id="container"> -<p class="skipLink"><a href="#mainContent" accesskey="2">Skip to main content</a></p> -<div id="header"> -<h1><a href="/" title="Return to home page" accesskey="1">Mozilla</a></h1> -<ul> -<li id="menu_aboutus"><a href="../../../../about/" title="Learn more about Mozilla">About</a></li> -<li id="menu_foundation"><a href="../../../../foundation/" title="Information about the non-profit Mozilla Foundation">Foundation</a></li> -<li id="menu_contribute"><a href="../../../../contribute/" title="Find out how to get involved with Mozilla">Contribute</a></li> -<li id="menu_community"><a href="../../../../community/" title="List of community sites and other resources">Community</a></li> -<li id="menu_developers"><a href="../../../../developer/" title="Resources and links for developers">Developers</a></li> -<li id="menu_projects"><a href="../../../../projects/" title="Projects being created by the Mozilla community">Projects</a></li> -</ul> -<form id="searchbox_002443141534113389537:ysdmevkkknw" action="http://www.google.com/cse" title="mozilla.org Search"> -<div> -<label for="q" title="Search mozilla.org's sites">search mozilla:</label> -<input type="hidden" name="cx" value="002443141534113389537:ysdmevkkknw"> -<input type="hidden" name="cof" value="FORID:0"> -<input type="text" id="q" name="q" accesskey="s" size="30"> -<input type="submit" id="submit" value="Go"> -</div> -</form> -</div> -<hr class="hide"> -<div id="mBody"> -<div id="side"> - -<ul id="nav"> -<li><a title="Roadmap" href="../../../../roadmap.html"><strong> Roadmap</strong></a></li> -<li><a title="Projects" href="../../../../projects/"><strong> Projects</strong></a></li> -<li><a title="For developers" href="../../../../developer/"><strong> Coding</strong></a> -<ul> -<li><a title="Module Owners" href="../../../../owners.html"> Module Owners</a></li> -<li><a title="Hacking" href="../../../../hacking/"> Hacking</a></li> -<li><a title="Get the Source" href="http://developer.mozilla.org/en/docs/Download_Mozilla_Source_Code"> Get the Source</a></li> -<li><a title="Building Mozilla" href="http://developer.mozilla.org/en/docs/Build_Documentation"> Build It</a></li> -</ul> -</li> -<li><a title="Testing" href="http://quality.mozilla.org/"><strong> Testing</strong></a> -<ul> -<li><a title="Downloads of mozilla.org software releases" href="../../../../download.html"> Releases</a></li> -<li><a title="Latest mozilla builds for testers" href="../../../../developer/#builds"> Nightly Builds</a></li> -<li><a title="For testers to report bugs" href="https://bugzilla.mozilla.org/"> Report A Problem</a></li> -</ul> -</li> -<li><a title="Tools for mozilla developers" href="../../../../tools.html"><strong> Tools</strong></a> -<ul> -<li><a title="Bug tracking system for mozilla testers." href="https://bugzilla.mozilla.org/"> Bugzilla</a></li> -<li><a title="Latest status of mozilla builds" href="http://tinderbox.mozilla.org/showbuilds.cgi?tree=Firefox"> Tinderbox</a></li> -<li><a title="Latest checkins" href="http://bonsai.mozilla.org/cvsqueryform.cgi"> Bonsai</a></li> -<li><a title="Source cross reference" href="http://mxr.mozilla.org/"> MXR</a></li> -</ul> -</li> -<li><a title="Frequently Asked Questions." href="../../../../faq.html"><strong> FAQs</strong></a></li> -</ul> - -</div> -<hr class="hide"> -<div id="mainContent"> - - - - -<center> -<h2>NSS FAQ</h2> -<i><FONT SIZE="-1"> - -Newsgroup: -<A HREF="news://news.mozilla.org/mozilla.dev.tech.crypto">mozilla.dev.tech.crypto</A> - -</FONT></i> -</center> - -<p> -<hr> -<p> - -<a href="#Q1">General Questions</a> - -<ul> -<li> -<a href="#Q1.1">What is Network Security Services (NSS)?</a></li> -<li> -<a href="#Q1.2">What can I do with NSS? Is NSS appropriate for my application?</a></li> -<li> -<a href="#q1.2a">How does NSS compare to OpenSSL?</a></li> -<li> -<a href="#q1.3">How does NSS compare to SSLRef?</a></li> -<li> -<a href="#q1.4">What platforms and development environments are supported?</a></li> -<li> -<a href="#q1.5">What cryptography standards are supported?</a></li> -<li> -<a href="#q1.7">What is the relationship between NSS and PSM?</a></li> -<li> -<a href="#q1.7">Where can I get the source?</a></li> -<li> -<a href="#q1.8">How much does it cost?</a></li> -</ul> - -<a href="#Q2">Developer Questions</a> -<ul> -<li> -<a href="#q2.1">What hardware accelerators are supported?</a></li> -<li> -<a href="#q2.2">How do I integrate smart cards into my application using -NSS?</a></li> -<li> -<a href="#q2.3">How is NSS compatible with other Netscape products?</a></li> -<li> -<a href="#q2.4">Does NSS require Netscape Portable Runtime (NSPR)?</a></li> -<li> -<a href="#q2.5">Can I use NSS even if my application protocol isn't HTTP?</a></li> -<li> -<a href="#q2.6">How long does it take to integrate NSS into my application?</a></li> -<li> -<a href="#q2.6">How can I learn more about SSL?</a></li> -</ul> - -<a href="#Q3">Licensing Questions</a> -<ul> -<li> -<a href="#q3.1">How is NSS licensed?</a> -<li> -<a href="#q3.2">Is NSS available outside the United States?</a></li> -</ul> -<h2> - <a NAME="Q1"><hr WIDTH="100%"></a>General Questions</h2> -<a NAME="Q1.1"></a><H4>What is Network Security Services (NSS)?</h4> -<P>NSS is set of libraries, APIs, utilities, and documentation designed -to support cross-platform development of security-enabled client and -server applications. It provides a complete open-source implementation -of the crypto libraries used by Netscape and other companies in the -Netscape 6 browser, server products from iPlanet E-Commerce Solutions, the -Gateway Connected Touch Pad with Instant AOL, and other products. - -<p>For an -overview of NSS, see <a href="overview.html">Overview of NSS</a>. For detailed information -on the open-source NSS project, see <a href="index.html">NSS Project Page</a>. - -<br> -<a NAME="Q1.2"></a><H4>What can I do with NSS? Is NSS appropriate for -my application?</h4> -<P>If you want add support for SSL, S/MIME, or other Internet security standards -to your application, you can use Network Security Services (NSS) to do so. Because -NSS provides complete support for all versions of SSL and TLS, it is particularly well-suited -for applications that need to communicate with the many clients and servers -that already support the SSL protocol. -<p>The PKCS #11 interface included in NSS means that your application can -use <a href="#q2.1">hardware accelerators</a> on the server and <a href="#q2.2">smart -cards</a> for two-factor authentication. -<br> - - <a NAME="q1.2a"></a><H4>How does NSS compare to OpenSSL?</h4> - -<a href="http://www.openssl.org/">OpenSSL</a> is an open source project that implements server-side SSL, -TLS, and a general-purpose cryptography library. It does not support PKCS #11. It is based on -the SSLeay library developed by Eric A. Young and Tim J. Hudson. OpenSSL is widely used in -Apache servers and is licensed under an Apache-style licence. - -<p>NSS supports both server and client applications as well as PKCS #11 and S/MIME. To permit its use -in as many contexts as possible, -NSS is triple-licensed under the <a href="../../../../MPL/">Mozilla Public License</a>, the -<a href="http://www.gnu.org/copyleft/gpl.html">GNU General Public License</a>, -and the <a href="http://www.gnu.org/copyleft/lesser.html">GNU Lesser General Public License</a>. -You may choose to use the code either under the terms of the MPL or the GPL or the LGPL. - -<a NAME="q1.3"></a><H4>How does NSS compare to SSLRef?</h4> -SSLRef was an early reference implementation of the SSL protocol. It contains -bugs that were never fixed, doesn't support TLS or or the -new 56-bit export cipher suites, and does not contain the fix to the -Bleichenbacher attack on PKCS#1. - -<p>Netscape no longer maintains SSLRef or makes it available. It was built as -an example of an SSL implementation, not for creating production applications. - -<p>NSS was designed from the ground up for use by commercial developers. -It provides a complete software development kit -that uses the same architecture used to support security features in many client -and server products from Netscape and other companies. - -<a NAME="q1.4"></a><H4>What platforms and development environments are supported?</h4> -<P>iPlanet E-Commerce Solutions has certified NSS 3.1 on 18 platforms, including AIX 4.3, HP-UX 11.0, -Red Hat Linux 6.0, Solaris (2.6 or later), Windows NT (4.0 or later), and -Windows 2000. Other contributors are in the process of certifying additional platforms. -The NSS 3.1 API requires C or C++ development environments. - -<p>For the latest NSS release notes and detailed platform information, see -<a href="release_notes_31.html">NSS 3.1 Release Notes</a>. - -<a NAME="q1.5"></a><H4>What cryptography standards does NSS support?</h4> -<P>NSS supports <a HREF="../../../docs/jargon.html#SSL">SSL v2 and v3</a>, - <a HREF="../../../../docs/jargon.html#TLS">TLS</a>, - <a HREF="../../../../docs/jargon.html#PKCS5">PKCS #5</a>, - <a HREF="../../../../docs/jargon.html#PKCS7">PKCS #7</a>, - <a HREF="../../../../docs/jargon.html#PKCS11">PKCS #11</a>, - <a HREF="../../../../docs/jargon.html#PKCS12">PKCS #12</a>, - <a HREF="../../../../docs/jargon.html#SMIME">S/MIME</a>, and - <a HREF="../../../../docs/jargon.html#X.509">X.509 v3</a> certificates. -For complete details, -see <a href="nss-3.11/nss-3.11-algorithms.html"> -Encryption Technologies</a>. - -<a NAME="q1.6"></a><H4>What is the relationship between NSS and PSM?</H4> - -Personal Security Manager (PSM) is built on top of NSS. It consists of libraries -and a daemon designed to support cross-platform development of security-enabled -client applications. The PSM binary provides a client module -that performs cryptographic operations on behalf of applications. -Netscape Personal Security Manager ships with Netscape 6 and the Gateway Connected Touch Pad with Instant AOL, -and is also available for use with Communicagotr 4.7x. - -<p>For more information about the PSM open-source project, see <a href="../psm">Personal Security Manager</a>. - -<a NAME="q1.7"></a><H4>Where can I get the source code?</H4> - -For instructions on how to check out and build the NSS 3.1 source code, see -<a href="buildnss_31.html">Build Instructions for NSS 3.1.</a> The source code may also -be downloaded as a tar file from -<a href="ftp://ftp.mozilla.org/pub/mozilla.org/security/">ftp://ftp.mozilla.org/pub/mozilla.org/security/</a>. - -<a NAME="q1.8"></a><H4>How much does it cost?</H4> - -NSS source code and binaries (when they become available) are completely free. No license fees, -no royalty fees, no subscription fees. - - -<a NAME="Q2"><h2> -<hr WIDTH="100%"></a>Developer Questions</h2> - -<a NAME="q2.1"></a><H4>What hardware accelerators are supported?</h4> -<P>NSS supports the PKCS #11 interface for hardware acceleration. Since leading accelerator vendors such as -Chrysalis-IT, nCipher, and Rainbow Technologies also support this interface, NSS-enabled applications -can support a wide variety of hardware accelerators. -<a NAME="q2.2"></a><H4>How do I integrate smart cards into my application using -NSS?</h4> -<P>NSS supports the PKCS #11 interface for smart card integration. Applications that use the PKCS #11 -interface provided by NSS will therefore support smart cards from leading vendors such as -ActiveCard, Litronic, and SecureID Technologies that also support the PKCS #11 interface. - -<a NAME="q2.3"></a><H4>How is NSS compatible with other Netscape products?</h4> -<P>NSS provides tight integration with other Netscape products in two ways. -First, by using NSS to implement SSL and TLS, you can support SSL communications -with all products from Netscape and all other vendors -that support SSL<FONT color="#CC0000"> and TLS.</FONT> Second, NSS makes it easy -to share certificates between Netscape client and server products -and your application. - -<a NAME="q2.4"></a><H4>Does NSS require Netscape Portable Runtime (NSPR)?</h4> -<P>To provide cross-platform support, NSS utilizes Netscape Portable Runtime -(NSPR) libraries as a portability interface and implementation that -provides consistent cross-platform semantics for network I/O and threading -models. You can use NSPR throughout your application or -only in the portion that calls into NSS. Netscape strongly recommends that -multithreaded applications use the NSPR or native OS threading model. (In -recent NSPR releases, the NSPR threading model is compatible with the native -threading model if the OS has native threads.) Alternatively, you can adapt -the open-source NSPR implementation to be compatible with your existing -application's threading models. More information about NSPR may be found at -<a href="http://www.mozilla.org/projects/nspr/">Netscape Portable Runtime</a>. -<br> - -<a NAME="q2.5"></a><H4>Can I use NSS even if my application protocol isn't -HTTP?</h4> -<P>Yes, SSL independent of application protocols. It works with common -Internet standard application protocols (HTTP, POP3, FTP, SMTP, etc.) as -well as custom application protocols using TCP/IP. - -<br> -<a NAME="q2.6"></a><H4>How long does it take to integrate NSS into my application?</h4> -<P>The integration effort depends on an number of factors, such as developer -skill set, application complexity, and the level of security required for -your application. NSS includes detailed documentation of the SSL API and -sample code that demonstrates basic SSL functionality (setting up an encrypted -session, server authentication, and client authentication) to help jump start the -integration process. However, there is little or no documentation currently -available for the rest of the NSS API. If your application requires sophisticated -certificate management, smart card support, or hardware acceleration, your -integration effort will be more extensive. - -<a NAME="q2.7"></a><H4> Where can I download the NSS tools?</h4> - -Currently, you must download the NSS source and build it to create binary files for the NSS tools. -For more information, see <A HREF="tools/">NSS Tools</A>. - - -<a NAME="q2.8"></a><H4>How can I learn more about SSL?</h4> - -NSS provides extensive documentation related to SSL, including high-level introductions, -detailed API documentation, sample code for simple client and server -applications, the original SSL 3.0 specification, and -information on debugging SSL applications. For details, see the -<a href="ssl/">SSL/TLS Project Page</a>. For information about the NSS tools, including those used -for debugging SSL applications, see <a href="http://www.mozilla.org/projects/security/pki/nss/tools/"> -NSS Security Tools</a>. - -<a NAME="Q3"><h2> -<hr WIDTH="100%"></a>Licensing Questions</h2> -<H4><a NAME="q3.1"></a>How is NSS licensed?</h4> -<P>NSS is triple-licensed under the <a href="../../../../MPL/">Mozilla Public License</a>, the -<a href="http://www.gnu.org/copyleft/gpl.html">GNU General Public License</a>, -and the <a href="http://www.gnu.org/copyleft/lesser.html">GNU Lesser General Public License</a>. -For more details, see the <a href="http://www.mozilla.org/crypto-faq.html#1-3">Mozilla Crypto FAQ</a>. - -<a NAME="q3.2"></a><H4>Is NSS available outside the United States?</h4> -<P>Yes; see -<a href="buildnss_31.html">Build Instructions for NSS 3.1.</a> and -<a href="ftp://ftp.mozilla.org/pub/mozilla.org/security/">ftp://ftp.mozilla.org/pub/mozilla.org/security/</a>. -However, NSS source code is subject to the U.S. Export -Administration Regulations and other U.S. law, and may not be exported or -re-exported to certain -countries (currently Cuba, Iran, Libya, North Korea, Sudan and Syria) or -to persons or entities prohibited from receiving U.S. exports (including -those (a) on the Bureau of Industry and Security Denied Parties List or -Entity List, (b) on the Office of Foreign Assets Control list of Specially -Designated Nationals and Blocked Persons, and (c) involved with missile -technology or nuclear, chemical or biological weapons). - -<p>For more information about U.S. export controls on encryption software, -see the <a href="http://www.mozilla.org/crypto-faq.html">Mozilla Crypto FAQ</a>. - - - - - -<hr class="hide"> -</div> -</div> -<div id="footer"> -<ul> -<li><a href="../../../../support/">Support Options</a></li> -<li><a href="../../../../security/">Security Center</a></li> -<li><a href="../../../../privacy-policy.html">Privacy Policy</a></li> -<li><a href="../../../../contact/">Contact Us</a></li> -</ul> -<p class="affiliates">International Affiliates: <a href="http://www.mozilla-europe.org/">Mozilla Europe</a> - <a -href="http://mozilla.jp/">Mozilla Japan</a> - <a href="http://www.mozillaonline.com/">Mozilla China</a></p> -<p class="copyright"> -Portions of this content are © 1998–2009 by individual mozilla.org contributors<br> -Content available under a Creative Commons <a href="http://www.mozilla.org/foundation/licensing/website-content.html">license</a></p> -<p> -<span>Last modified July 12, 2007</span> -<span><a href="http://bonsai-www.mozilla.org/cvslog.cgi?file=mozilla-org/html/projects/security/pki/nss/faq.html&rev=&root=/www/">Document History</a></span> -<span><a href="https://doctor.mozilla.org/?action=edit&file=mozilla-org/html/projects/security/pki/nss/faq.html">Edit this Page</a></span> <span>(or <a href="/contribute/writing/cvs">via CVS</a>)</span> -</p> -</div> -</div> -</body> -</html> |