31
edits
NSS libPKIX Brainstorming: Difference between revisions
→Identified Tasks
| Line 37: | Line 37: | ||
**The existing NSS functions that are now exported (in order to be accessible by libPKIX) must have their names changed to follow the style. | **The existing NSS functions that are now exported (in order to be accessible by libPKIX) must have their names changed to follow the style. | ||
**Review the patch and check it in. | **Review the patch and check it in. | ||
**Alexei | **Alexei is working on this item. Work in progress. | ||
*Get initial figures for libPKIX performance. | |||
**Compare chain building and validation performance of old NSS API with new libPKIX API. | |||
***This task is done(see results in "LibPKIX performance section). | |||
**Get performance numbers for the building and validation of a chain that includes certs with policy extensions and cross-certification. | |||
***Work in progress... Looking for such cert chain. | |||
*Ensure consistency of verification decisions across all existing and new certificate verification functions, in particular: | *Ensure consistency of verification decisions across all existing and new certificate verification functions, in particular: | ||
**add new verification function(s) that | **add new verification function(s) that offers libPKIX parameters in its API. | ||
***The internals of the implementation of the function are written. Finalizing API design. For more information see [https://bugzilla.mozilla.org/show_bug.cgi?id=294531 bug 294531] | |||
**keep all existing verification API, but change their implementation to call libPKIX functions | **keep all existing verification API, but change their implementation to call libPKIX functions | ||
** | ***I will start working on it after new API is finalized. | ||