We use the SB70LC-100IR in our systems, which has been using SSLv3. Due to the recent issue regarding SSL 3.0, we’ve had many roadblocks with this.
I saw on your support page that you’re in process of implementing TLS. I have a few questions regarding this. I was not involved with the software on NetBurners at all, so I'm not very familiar with how it is implemented, so bear with me...
1. Is TLS already available for these, or when will it be available?
2. Will older units be capable of upgrading to use TLS?
3. Would this require a software change on our end to accommodate TLS, or is that entirely included on the factory firmware?
Any information you have on this would be appreciated.
SSL to TLS transition
Re: SSL to TLS transition
1. TLS is available in the latest beta release of the NNDK (2.7.1).
2. While all platforms will be able to run TLS, due to increased key size requirements, MCF5272 platforms will likely see a significant drop in performance, as the crypto operations no longer allow the task stack to fit in SRAM.
3. We will be updating the SecureFactoryApplication to support TLS shortly, but do not have a definite date (it will be available as a beta, precompiled by the end of the month).
-Dan
2. While all platforms will be able to run TLS, due to increased key size requirements, MCF5272 platforms will likely see a significant drop in performance, as the crypto operations no longer allow the task stack to fit in SRAM.
3. We will be updating the SecureFactoryApplication to support TLS shortly, but do not have a definite date (it will be available as a beta, precompiled by the end of the month).
-Dan
Dan Ciliske
Project Engineer
Netburner, Inc
Project Engineer
Netburner, Inc
Re: SSL to TLS transition
To answer your question #3 we need more info...
Are you units running the standard netburner secure factory app, or are they running
custom code developed for you?
If they are running the netburner secure factory app, then its simple....
We will send you a new code image to load into your boards.
If they are running custom code developed for you, the changes could be simple or
complex depending on what vintage NNDK this was developed on and what the availability of the
programmer that did that work. If the original programmer is not available, it will depend on
the quality of the code and documentation they left behind.
Are you units running the standard netburner secure factory app, or are they running
custom code developed for you?
If they are running the netburner secure factory app, then its simple....
We will send you a new code image to load into your boards.
If they are running custom code developed for you, the changes could be simple or
complex depending on what vintage NNDK this was developed on and what the availability of the
programmer that did that work. If the original programmer is not available, it will depend on
the quality of the code and documentation they left behind.
Re: SSL to TLS transition
The original programmer is still available... and the code is developed on NBEclipse 2.6.2.
Is it possible to get the libraries for TLS, or possibly even an example code of implementing it? Or will TLS even work on our current version?
Is it possible to get the libraries for TLS, or possibly even an example code of implementing it? Or will TLS even work on our current version?
Re: SSL to TLS transition
From Dan's earlier comment it sounds like you get it if you update your tools.
Re: SSL to TLS transition
Probably won't work on 2.6.x
Porting from 2.6.x to 2.7.3 should be fairly painless.
There are some additional compilation flags for TLS, but the basic interface is identical to SSL.
Are you acting as an SSL client or an SSL server?
Porting from 2.6.x to 2.7.3 should be fairly painless.
There are some additional compilation flags for TLS, but the basic interface is identical to SSL.
Are you acting as an SSL client or an SSL server?