NSS 3.15.1 brings TLS 1.2 support to Firefox
Network Security Services (NSS), the collection of cryptographic libraries which is used by, among others, Mozilla's Firefox browser, now supports TLS 1.2 with the release of its latest version. TLS 1.2 supports HMAC-SHA256 ciphers for the generation of pseudorandom numbers, and so allows the usage of TLS without MD5 and SHA-1 algorithms. NSS 3.15.1 also introduces a number of new types, most of which have to do with the new TLS version, along with a number of smaller changes and bug fixes.
An important encryption mode that NSS does not yet include, but which security experts are anticipating eagerly, is encryption with AES Galois Counter Mode (GCM) – this technique is said to prevent attacks such as BEAST and Lucky 13. A patch implementing GCM support has already been submitted for NSS.
Users of Firefox Nightly version 25.0a1 can already manually enable TLS 1.2 by setting the security.tls.version.max
value in the about:config page to 3
.
(fab)