NSS 3.18 Release Increases RSA Key Pair Size, Ups Protocol Versions
Written by Michael Larabel in Mozilla on 21 March 2015 at 08:55 AM EDT. 1 Comment
Mozilla announced the updated release this week of their NSS (Network Security Services) libraries.

NSS 3.18 is described as a minor release but there's some new functionality, new functions, new CA certiciates were added, and a number of bugs fixed. However, there's also two other notable changes that attracted our attention after being pointed out by a Phoronix reader:
- The highest TLS protocol version enabled by default has been increased from TLS 1.0 to TLS 1.2. Similarly, the highest DTLS protocol version enabled by default has been increased from DTLS 1.0 to DTLS 1.2.

- The default key size used by certutil when creating an RSA key pair has been increased from 1024 bits to 2048 bits.
So with NSS 3.18 the default key size for new RSA key pairs via certutil is now 2048 bits and the default TLS/DTLS version enabled is v1.2.

Besides Mozilla products using NSS like Firefox and Tunderbird, Google Chrome/Chromium uses it along with numerous other open-source projects for creating multi-platform, security-enabled client/server applications.

More details on NSS 3.18 can be found at developer.mozilla.org.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week