Personal Security Manager (PSM)
Newsgroup: mozilla.dev.tech.crypto
Technical contacts: Kai Engert, Wan-Teh Chang, Bob Relyea
Manager: Bob Lord
Personal Security Manager (PSM) consists of a set of libraries that perform cryptographic operations on behalf of a client application. These operations include setting up an SSL connection, object signing and signature verification, certificate management (including issuance and revocation), and other common PKI functions.
- PSM 2.3
- PSM 2.1
- PSM 2.0
- Documentation
- Standards Support
- Mozilla CVS Information
- Netscape 6 Integration
PSM 2.3
PSM 2.3 implements S/MIME. For details, see Guide to Using S/MIME.
PSM 2.1
Improvements in PSM 2.1 include
- many bug fixes
- better support for MIME types required to load CRLs
- new Reset Master Password button in the preferences panel for Master Passwords.
- support for a null master password
- many minor UI improvements
For an indication of the major areas where UI details have changed, see PSM 2.1 & Privacy Help: Status and Work in Progress.
PSM 2.0
PSM 2.0 provides an in-process SSL implementation that is fully integrated with Mozilla and Netscape 6.1. The following documents describe PSM 2.0:
- What's New in Crypto for Netscape 6.1. An informal survey of new features in PSM 2.0 compared with Communicator 4.x and Netscape 6.0.
- PSM 2.0 Roadmap: A Technical View summarizes where we're going technically with different flavors of PSM and how the PSM 2.0 XPCOM shared libraries are organized.
- Build Instructions for PSM gives detailed instructions on how to enable PSM 2.0 in your Mozilla build. PSM 2.0 is now built with the daily Windows, Macintosh, and Linux Mozilla builds.
Documentation
Initial PSM 2.0 planning:
- PSM 2.0 Plan describes the initial goals, features, user interface, and preliminary schedule for PSM 2.0.
- PSM 2.0 Task List provides a breakdown of tasks and dependencies for the early stages of development.
- PSM 2.0 UI describes initial plans for PSM 2.0 UI, including links to XUL mockups.
Help and help buttons:
- PSM 2.1 & Privacy Help: Status and Work in Progress shows the latest help changes and planned changes for PSM 2.1 and privacy features, with links to work in progress.
- PSM 2.0 Help shows the help outline with links to files that shipped with PSM 2.0/Netscape 6.1.
- Targets & Text for PSM UI Elements lists all PSM 2.0 UI elements, targets for their help buttons, and notes re UI text.
Background and previous versions:
- Personal Security Manager 1.x Architecture. Overview of PSM 1.x architecture.
- A Brief History of Personal Security Manager. Describes how Personal Security Manager was originally developed.
- Download Netscape Personal Security Manager for Communicator. Download Netscape Personal Security Manager 1.4 binaries for use with Netscape Communicator 4.7 and later versions.
- Download PKI Source. The original release of PSM source code on 2/14/2000.
Personal Security Manager is built on top of NSS, which is built on top of Netscape Portable Runtime (NSPR). Applications built with PSM do not need to call NSPR, whereas applications built with NSS must make such calls.
PSM performs all security operations on behalf of one or more applications. Developers can access the cryptographic features of PSM by calling PSM libraries.
Standards Support
Cryptographic operations supported by Personal Security Manager on behalf of Mozilla, Netscape 6, Netscape Communicator 4.7, and other client applications include:
- SSL v2 and v3. SSL authentication, encryption, and tamper detection.
- TLS. IETF version of SSL.
- S/MIME (not yet integrated into Mozilla). Signed and encrypted email (using separate signing and encryption keys if desired).
- PKCS #5. Encryption for private key storage.
- PKCS #7. Signing operations.
- PKCS #11. Communication with PKCS #11 modules and associated cryptographic tokens (such as smart cards).
- PKCS #12. Export and import of certificates and associated private keys.
- CRMF/CMMF. Communication with a certificate authority (CA).
- OCSP. Real-time confirmation of certificate validity.
For detailed information about the cryptographic algorithms available in PSM (current and planned), see Encryption Technologies Available in Netscape 6.x, Personal Security Manager, and the iPlanet Servers.
If you are running a version of PSM, you can confirm the version number and algorithms supported by visiting this URL: http://gemal.dk/browserspy/psm.html.
Mozilla CVS Information
PSM 1.x
PSM 1.x is checked into mozilla/security/psm/
. The
directories are lib/
, server/
, ui/
,
and doc/
.
coreconf
is checked into the root of
mozilla/security/
.
coreconf/location.mk
and coreconf/source.mk
find
dist
in $(COREDEPTH)/../dist
rather then
$(COREDEPTH)/dist
.
PSM 2.0
PSM 2.0 is checked in under mozilla/security/manager/
.
Netscape 6 Integration
PSM 2.0 is fully open source and ships with Netscape 6.1.
Ongoing builds of Personal Security Manager based on fully open source NSS 3.1 (and later versions) are now integrated into Mozilla daily builds.