On 10/03/2012 10:18 AM, Howard Chu wrote: > Thanks for your comments, Rich.

>> Maybe we could use nss_compat_ossl to do the mapping of cipher names >> from openssl to moznss? > > That makes sense to me, although if as you say it hasn't been actively > maintained, that sounds like another problem. But certainly if other > apps are using it, then aren't they going to want new cipher suite > support too? > Yes, and imho nss_compat_ossl is the place to do this. But, would it be possible to update the cipher suite list in tls_m.c first, to bring it up to date, then work on updating the compat library?