Personal Security Manager 2 is out.Wednesday September 6th, 2000Bruno Clermont writes, "This is not an article, it's a notice that the Personal Security Manager (PSM) 1.2 is out. And it doesn't work with the latest nightly build (2000090608) under Linux :)" Uhhh . . . I just grabbed the latest nightly. Went to the page and clicked the install button. Moz can now get to SSL sites for me. Build ID: 2000090708 Red Hat 6.9.5 (Pinstripe Beta) glibc 2.1.91 works for me too ... so well that I can finally use Mozilla to do all my secure stuff ... bye bye NS4.7x ... Linux Mandrake 7.1 with 2.4.0test7 RSA has lifted the patent. Wasn't the source for psm going to be released when that happened. The source for psm is available here http://lxr.mozilla.org/mozilla/source/security/psm/ -- although I don't know if the patent covered algorithms are part of the public tree. We released the source to most of PSM on 3/31 of this year. As you mentioned, it was missing the RSA algorithm, which was a problem for people outside the Netscape firewall. We started work on re-implementing the RSA algorithm yesterday, and have a first draft checked in now. We hope to have NSS 3.1 in beta within a week or so. Improvements to PSM to allow it to build and work outside the firewall can now also begin (since PSM requires NSS). You may wish to watch for updates on the crypto newsgroup: news://news.mozilla.org/netscape.public.mozilla.crypto We will also have updates on our main PKI web page http://www.mozilla.org/projects/security/pki/ Regards, -Bob To clarify for those who haven't followed closely: just because an implementation now exists doesn't mean it is free of patent encumbrances. It must also have been implemented after the patent expired- i.e., yesterday. If you started last week, it is still covered by the patent (if I understand correctly). That's why there is no source release yet, because that particularly portion of the code must be re-implemented. I stumbled across it on the iPlanet site the other day and tried it out with Communicator 4.75 on NT and it seems to work flawlessly. Excellent work! Is OpenSSL (no RSAREF) still illegal to use in the US because it was developed some time ago or is it exempt because it was developed outside the US. I found an article on SecurityPortal that indicates OpenSSL is now free to use in the US for whatever services you want. I Quote "Any American can now download OpenSSL, install it, and use it for OpenSSH (secure administration), Apache (secure Web-serving) and so on. So what are you waiting for? Go do it!" Here is the URL http://securityportal.com/topnews/rsa20000906.html I heard that OpenSSL's use still may be restricted from a poster on Slashdot. Not the most credible source, I know, but occasionally a poster will have the right info. So what exactly is the legal status of OpenSSL in the US? Maybe someone should ask RSA to comment on OpenSSL. I just think it would be easier and faster to support the OpenSSL lib using a sort of plug-in system. This is what KDE's new beta browser/file manager has been doing for a while for those outside the US. When in the world is the Mac version of PSM coming out? How does Netscape intend to win over Mac users who already have an awesome browser in Mac IE 5? I've been wondering the same thing. The Mac version has been promised since PSM 1 was first released, and today there's PSM for Solaris (nothing against Solaris). A Mac version has been promised "soon" ever since the Windows/Linux versions were first released. I'm getting sick of waiting myself. The Netscape betas have some semblance of a PSM-like program, but I've never been able to make it do anything but crash. Get it together, people. You promised us a Mac PSM; at least let us know what's going on with it. According to that page, "A Macintosh binary will be available from this page soon." I don't know how long that message has been there. Of course, in reality, they don't need it "yesterday" - they need it in time for the actual release (beta and final) of Netscape 6 on Mac. Until then it's irrelevant anyway (although obviously from a practical perspective, for those few who *are* testing/playing with Mozilla on Mac it's much-needed). --sam I'd imagine that with the RSA releasing their patent, the PSM code will make it's way into the tree and be compiled with the nightly builds. Of course, I could be completely off base as I'm just a bystander. Posted w/build 2000090708 Anyone posting here with the latest nightly notice that suddenly the method mozillazine uses to tab replies isn't working (i.e., all replies appear at the same depth?) Is this a known bug or should someone file it? |