Category Archives: TLS-SRP

I just posted a patch for Python 3.3 to add TLS-SRP support (Issue #11943). This patch adds support for TLS-SRP (RFC 5054) to Python ssl.SSLSocket, _ssl.c, http, and urllib. TLS-SRP lets a client and server establish a mutually authenticated SSL … Continue reading →

I just posted a patch for TLS-SRP support in Apache 2 mod_ssl on the wiki and as ASF Bugzilla #51075.

I updated Steffen Schulz’s NSS patch for TLS-SRP support and posted it to Bugzilla #405155. NSS (Network Security Services) is a Mozilla library that provides SSL and crypto routines to Firefox, Chrome, and lots of other apps. I modified Steffen … Continue reading →

I just posted an in-progress patch that adds TLS-SRP support to Chrome over at the Chromium code review site. I also posted a Chromium-discuss message announcing my progress. To install it yourself, see the TLS-SRP in Chrome wiki page.

I submitted a patch to TLS Lite that updates its TLS-SRP support to comply with RFC 5054. Read the email message to tlslite-users or download the the patch (tlslite+tls-srp-rfc5054.patch). I’ve also applied this patch to my tlslite git repository.

cURL 7.21.4 was just released, with support for TLS-SRP. I submitted the patch for this feature (based on a previous patch by Peter Sylvester). If you are using, or are interested in using, TLS-SRP on the Web, I’d love to … Continue reading →

(Posted to curl-library) I revived a proposed patch by Peter Sylvester to add support to cURL for TLS-SRP (RFC 5054), which is mutually authenticated TLS with passwords instead of client/server certs. Peter’s patch was postponed because it relied on OpenSSL, … Continue reading →