From 0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 03:47:29 +0200 Subject: Adding upstream version 115.8.0esr. Signed-off-by: Daniel Baumann --- security/nss/doc/rst/legacy/overview/index.rst | 167 +++++++++++++++++++++++++ 1 file changed, 167 insertions(+) create mode 100644 security/nss/doc/rst/legacy/overview/index.rst (limited to 'security/nss/doc/rst/legacy/overview/index.rst') diff --git a/security/nss/doc/rst/legacy/overview/index.rst b/security/nss/doc/rst/legacy/overview/index.rst new file mode 100644 index 0000000000..287226fac0 --- /dev/null +++ b/security/nss/doc/rst/legacy/overview/index.rst @@ -0,0 +1,167 @@ +.. _mozilla_projects_nss_overview: + +Overview of NSS +=============== + +.. container:: + + .. rubric:: Open Source Crypto Libraries + :name: Open_Source_Crypto_Libraries + +.. _proven_application_security_architecture: + +`Proven Application Security Architecture <#proven_application_security_architecture>`__ +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. container:: + + If you want to add support for SSL, S/MIME, or other Internet security standards to your + application, you can use Network Security Services (NSS) to implement all your security features. + NSS provides a complete open-source implementation of the crypto libraries used by AOL, Red Hat, + Google, and other companies in a variety of products, including the following: + + - `Mozilla products `__, including + `Firefox `__, + `Thunderbird `__, + `SeaMonkey `__, and `Firefox + OS `__. + - AOL Instant Messenger (AIM) + - Open source client applications such as `Evolution `__, + `Pidgin `__, `Apache OpenOffice `__, and + `LibreOffice `__. + - Server products from `Red Hat `__: `Red Hat Directory + Server `__, `Red Hat + Certificate + System `__, and the + `mod_nss `__ SSL + module for the Apache web server. + - Server products from Oracle (formerly Sun Java Enterprise System), including `Oracle + Communications Messaging + Server `__ + and `Oracle Directory Server Enterprise + Edition `__. + - `SUSE Linux Enterprise Server `__ supports NSS and the + `mod_nss `__ + SSL module for the Apache web server. + + NSS includes a framework to which developers and OEMs can contribute patches, such as assembler + code, to optimize performance on their platforms. NSS 3.x has been certified on 18 platforms. + + For more detailed information about NSS, see `wiki.mozilla.org `__ + and `NSS FAQ `__. + + Source code for a Java interface to NSS is available in the Mozilla CVS tree. For details, see + `Network Security Services for Java `__. + + NSS makes use of Netscape Portable Runtime + (`NSPR `__), a platform-neutral + open-source API for system functions designed to facilitate cross-platform development. Like NSS, + NSPR has been battle-tested in multiple products. For more information, see the `NSPR Project + Page `__. + +.. _interoperability_and_open_standards: + +`Interoperability and Open Standards <#interoperability_and_open_standards>`__ +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. container:: + + You can use NSS to support a range of security standards in your application, including the + following: + + - `SSL v3 `__. The Secure Sockets Layer (SSL) protocol allows mutual + authentication between a client and server and the establishment of an authenticated and + encrypted connection. + - TLS v1.3 (`RFC 8446 `__), `TLS v1.2 (RFC + 5246 `__), `TLS v1.1 (RFC + 4346 `__), `TLS v1 + ( `__\ `RFC + 2246 `__). The Transport Layer Security (TLS) + protocol from the IETF that supersedes SSL. + - `PKCS #1 `__. RSA standard that + governs implementation of public-key cryptography based on the RSA algorithm. + - `PKCS #3 `__. RSA standard that + governs implementation of Diffie-Hellman key agreement. + - `PKCS #5 `__. RSA standard that + governs password-based cryptography, for example to encrypt private keys for storage. + - `PKCS #7 `__. RSA standard that + governs the application of cryptography to data, for example digital signatures and digital + envelopes. + - `PKCS #8 `__. RSA standard that + governs the storage and encryption of private keys. + - `PKCS #9 `__. RSA standard that + governs selected attribute types, including those used with PKCS #7, PKCS #8, and PKCS #10. + - `PKCS #10 `__. RSA standard that + governs the syntax for certificate requests. + - `PKCS #11 `__. RSA standard that + governs communication with cryptographic tokens (such as hardware accelerators and smart + cards) and permits application independence from specific algorithms and implementations. + - `PKCS #12 `__. RSA standard that + governs the format used to store or transport private keys, certificates, and other secret + material. + - `S/MIME (RFC 2311 and RFC 2633) `__. IETF message specification + (based on the popular Internet MIME standard) that provides a consistent way to send and + receive signed and encrypted MIME data. + - `X.509 v3 `__. + ITU standard that governs the format of certificates used for authentication in public-key + cryptography. + - `OCSP (RFC 2560) `__. The Online Certificate Status Protocol (OCSP) + governs real-time confirmation of certificate validity. + - `PKIX Certificate and CRL Profile ( `__\ `RFC + 3280 `__). The first part of the four-part + standard under development by the Public-Key Infrastructure (X.509) working group of the IETF + (known at PKIX) for a public-key infrastructure for the Internet. + - RSA, DSA, ECDSA, Diffie-Hellman, EC Diffie-Hellman, + `AES `__, Triple DES, DES, RC2, + RC4, SHA-1, SHA-256, SHA-384, SHA-512, MD2, MD5, HMAC: Common cryptographic algorithms used in + public-key and symmetric-key cryptography. + - FIPS 186-2 pseudorandom number generator. + + For complete details, see `Encryption + Technologies `__. + +.. _fips_140_validation_and_niscc_testing: + +`FIPS 140 Validation and NISCC Testing <#fips_140_validation_and_niscc_testing>`__ +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. container:: + + The NSS software crypto module has been validated three times for conformance to FIPS 140 at + Security Levels 1 and 2. For more information, see the `NSS FIPS `__ + page (`Or this one `__). + + The NSS libraries passed the NISCC + `TLS/SSL `__ and + `S/MIME `__ test suites (1.6 + million test cases of invalid input data). + +.. _complete_software_development_kit: + +`Complete Software Development Kit <#complete_software_development_kit>`__ +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. container:: + + In addition to libraries and APIs, NSS provides :ref:`mozilla_projects_nss_tools` required for + debugging, diagnostics, certificate and key management, cryptography module management, and other + development tasks. + + NSS comes with an extensive and growing set of :ref:`mozilla_projects_nss#documentation`, + including introductory material, API references, man pages for command-line tools, and + :ref:`mozilla_projects_nss_nss_sample_code`. + + NSS is available as source and shared (dynamic) libraries. Every NSS release is backward + compatible with previous releases, allowing NSS users to upgrade to the new NSS shared libraries + without recompiling or relinking their applications. + +.. _open-source_licensing_and_distribution: + +`Open-Source Licensing and Distribution <#open-source_licensing_and_distribution>`__ +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. container:: + + NSS is available under the `Mozilla Public License `__, version 2. + The latest source code is available for free worldwide from https://www.mozilla.org and its + mirror sites. \ No newline at end of file -- cgit v1.2.3