Mozilla Crypto Released for Windows, Linux!Thursday March 9th, 2000The first crypto-enabled builds of Mozilla have come online. Currently there are Windows and Linux builds available - a Mac version will be available soon. Enabled in these initial builds are SSL, the Security Advisor, and IMAPS. Signed mail and encrypted mail are not yet implemented. To try out the PSM (Personal Security Manager), first you need to grab a special version of M14. There are Talkback and no-Talkback versions available for Windows, and Talkback and no-Talkback versions available for Linux. After you have installed this build, run Mozilla and browse to the PSM page at iPlanet. You can get details on the release, as well as any special instructions you may need (and instructions for Linux if you are building the M14 build from scratch). Scroll down the page, and you will see buttons to install the PSM version for your system. Clicking the button will start up the XPI installation routine, and the PSM will be downloaded and installed. After installation, close Mozilla and reopen to use the PSM. You should be able to visit secure websites now, and view the Security Advisor (available from the Tasks menu). The source code for the PSM has not yet been released. We will let you know when it is. Just a bit of info in case this happens to anyone else: I always install Mozilla on Linux as root and then run it under my own userid. When trying to install Netscape PSM (using the "Install PSM for Linux" button on the iPlanet PSM page) the installation failed with an error -227, because it couldn't write to the Mozilla directory. The fix is simple: just make sure you have write permission to the directory containing the Mozilla binary; the install creates a new subdirectory "psm" in the Mozilla directory. I'm on a Windoze machine that it gives me a -225 error? It does create the PSM directory and all that. <:3)~~ According to http://lxr.mozilla.org/seamonkey/source/xpinstall/src/nsInstall.h, that is an extraction error. Hmm. Were you able to open the security manager and go to secure sites after installing? The XPInstall seems to work fine (cool trick, BTW) but when I shut down my nightly and restart (today's nightly, of course) I still get an "https is not a registered protocol" error. Any tips or do I really need to stop using nightlies? ~luge Well it can go to https sites now, but at least with my bank you can't log into your account. But then for all I know the bank may only accept certain browsers, too. All I get is a blank screen though after I log into my account. I had a similar problem when Moz was having problems with xhtml header stuff. That's not to say your bank is putting out xhtml, but you may want to do a "View Source" to see if you're getting anything back at all. I was getting my whole page, but Moz was just not rendering it properly. There may be some problems using https with proxy servers. For example, if you set up an http proxy, the Tasks->Security Advisor may not work (Mozilla is currently sending the request for this through your proxy, even though it's a file on your local system, and not all proxy servers are smart enough to understand requests to localhost). I noticed in Bugzilla there's already a bug for this. Also, there's no UI for setting the https proxy, so if a https proxy is required for you, you may not be able to view https pages at all. It didn't work for me, even if I set the http (no s) proxy to the right value for both http and https. If you're checking out this build, here are a few things you can try: http://www.mozilla.org/quality/security/smoketest.html (Suggestions for that document are welcomed.) Please check out the known issues list before filing bugs: http://bugzilla.mozilla.org/buglist.cgi?bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&email1=&emailtype1=substring&emailassigned_to1=1&email2=&emailtype2=substring&emailreporter2=1&bugidtype=include&bug_id=&changedin=&votes=&chfieldfrom=&chfieldto=&chfieldvalue=&component=Client+Library&component=Daemon&component=Security%3A+Crypto&short_desc=&short_desc_type=substring&long_desc=&long_desc_type=substring&bug_file_loc=&bug_file_loc_type=substring&status_whiteboard=&status_whiteboard_type=substring&keywords=&keywords_type=anywords&field0-0-0=noop&type0-0-0=noop&value0-0-0=&cmdtype=doit Thanks to everyone from #mozillazine who helped test the installer! There may be some problems using https with proxy servers. For example, if you set up an http proxy, the Tasks->Security Advisor may not work (Mozilla is currently sending the request for this through your proxy, even though it's a file on your local system, and not all proxy servers are smart enough to understand requests to localhost). I noticed in Bugzilla there's already a bug for this. Also, there's no UI for setting the https proxy, so if a https proxy is required for you, you may not be able to view https pages at all. It didn't work for me, even if I set the http (no s) proxy to the right value for both http and https. There can be two problems with proxy: (1) using PSM UI when a (regular) proxy is set up, and (2) making secure proxy work. A special care is needed in both cases by the "PSM client" (meaning mozilla in this case). Addressing these problems is straightforward under the current PSM architecture, and I hope they will be made to work in the near future (this primarily belongs in mozilla developers' plate). Just add 127.0.0.1 (if that doesn't work, try "localhost" and your hostname) to the no-proxy domains. It's bug #31164 http://bugzilla.mozilla.org/show_bug.cgi?id=31164 . Just add 127.0.0.1 (if that doesn't work, try "localhost" and your hostname) to the no-proxy domains. It's bug #31164 http://bugzilla.mozilla.org/show_bug.cgi?id=31164 . The https proxy is bug #31174 http://bugzilla.mozilla.org/show_bug.cgi?id=31174 . Can openSSL be used instead of the binary modules from iPlanet? Can openSSL be used instead of the binary modules from iPlanet? Finally I can use Mozilla as my browser all the time. Starting with the 3rd of March it's been stable enough on my Win2k machine to use as my default browser, but now I don't have to use IE for online banking or ESPN's site. Stability and speed are close to where they need to be, and finally crytpo. Things are starting to look really good. This is soooo awesome. I can now move to doing 100% of my browsing in Mozilla! The ONLY reason I was kicking up Communicator 4.72 was to access SSL sites (and to occasionally compare output differences for the sake of bug hunting). Now that I can access secure sites from Mozilla, I can stay within it for all my daily browsing needs! Don't suppose anyone knows how to disable the messages that pop up every time you enter or leave a secure document... To disable such alerts click on the lock in the righ-down cornen. The personal security manager will open, then in the applications part in navigator are some checkboxes for this. I disabled all alerts and it works fine :-) . I hope I'm not the only one, but I am sort of concerned the the Sun-Netscape alliance is going to start throwing in a bunch of crap that will definately be to their benefit, but who says we want it? Who does the PKI stuff benefit? Why do I want it bloating the core download? Where are the requirements and specs for these things? PSM is a new rev of the code that has always been in Netscape browsers (Netscape invented SSL). It's not some new Sun/iPlanet thing. If you don't want SSL, don't download it. Any info, why the psm need all processor time eventhough the page is already loaded? All works fine, but the usage isn't nice for me. When I press stop buton, usage goes down. Why?? (Linux, M14 - Talkback) |