Patch Firefox or Chromium for say GnuTLS (still don't have TLS 1.2), how difficult?
The other day I was lamenting the fact that Firefox and Chromium /still/ do not have support for TLS version 1.1 or (much worse) TLS version 1.2. Although there are plenty of free libraries out there that support /all/ the versions of TLS available, both these browsers happen to depend on the NSS lib, which only supports up to version 1.0.
This is lame for a lot of reasons, but especially bothersome to me because version 1.2 is the only version of TLS so far that supports the Server Name extension, without which it is impossible to do single-IP virtual hosting over SSL. To pour salt in the wound, I learned that Internet Explorer and Opera already have implemented 1.2.
I was curious: those of you who are Firefox devs, or are familiar with code: how difficult would it be to patch Firefox, to make it use a different encryption library? E.g., gnutls.
|