Comment 28 for bug 312536

Revision history for this message
Kai Engert (kaie) wrote:

NSS should implement a function that allows an application to toggle the behavior with or without Nelson's patch.

void NSS_HashPrefsMD5InSigsSetDefault(PRBool enabled);

{{ A more general API can be done later (which could allow controlling the use of various hashes in various contexts). I believe such an API would require more thinking, and this additional thinking shouldn't delay us at this point. Something similar to the existing SSL_CipherPrefSetDefault(). Maybe a function
  enum HashAndContext {
    hac_MD5_in_CertAndCRLSignatures,
    hac_MD5_everywhere,
    hac_SHA1_in_CertAndCRLSignatures,
    ...
  };
  void NSS_HashPrefSetDefault(enum HashAndContext, PRBool enabled);
}}

NSS should add this function in NSS 3.12.3.
PSM should add a preference (about:config only), in both Firefox 3.0.x and Firefox 3.1.x,
which can be used to disable MD5 / activate the patch.

I propose to continue to have MD5 allowed for now, but this gives us the opportunity to change the default to disallowed at any time (with security updates), and allows security conscious users to disable it right away.

I propose that a new error code be added to NSS, like SEC_ERROR_UNSAFE_ALGO (where the meaning of UNSAFE is based on runtime defaults).

Now let's say the runtime configuration is "forbid MD5" and the user gets an error page. Should the user be able to override the error, just like other errors? I think it should, but it would require much more logic to be added to both NSS and PSM. Similar to today's HandshakeCallback/AuthCertificateCallback functions, NSS would need to call back into PSM and ask whether an override is active... More APIs to define...
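The following is an added, self-contained C model of the mechanism sketched in the comment above. It is not NSS or PSM code and not the patch under discussion. It keeps the names the comment proposes (NSS_HashPrefsMD5InSigsSetDefault, enum HashAndContext, NSS_HashPrefSetDefault, SEC_ERROR_UNSAFE_ALGO); everything else (HashAlg, HashContext, the hash_allowed table, NSS_HashPrefsResetDefaults, NSS_HashPrefGet, the override callback type, AppOverrideState, verify_cert_signature, and the PRBool stand-in) is assumed for illustration. Real signature verification is replaced by a boolean input, so the example shows only the policy and override flow: the default keeps MD5 allowed, a single pref call disallows it in cert/CRL signatures, an application callback can override the policy error, and an override never rescues a signature that does not verify.

```c
/* Added example modelling the proposed NSS hash-preference API and override
 * callback. NOT NSS code; names not taken from the comment are assumptions. */
#include <stdbool.h>
#include <stdio.h>

typedef int PRBool;               /* stand-in for NSPR's PRBool */
#define PR_TRUE 1
#define PR_FALSE 0

typedef enum { HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_COUNT } HashAlg;           /* assumed */
typedef enum { CTX_CERT_AND_CRL_SIGNATURES, CTX_OTHER, CTX_COUNT } HashContext;  /* assumed */

/* Enum as sketched in the comment (the trailing "..." entries are left out). */
enum HashAndContext {
    hac_MD5_in_CertAndCRLSignatures,
    hac_MD5_everywhere,
    hac_SHA1_in_CertAndCRLSignatures
};

/* Proposed error code; "unsafe" is decided by the runtime preferences below. */
typedef enum { SEC_OK = 0, SEC_ERROR_UNSAFE_ALGO, SEC_ERROR_BAD_SIGNATURE } SecStatus;

static PRBool hash_allowed[CTX_COUNT][HASH_COUNT];   /* assumed runtime pref table */

/* Assumed helper: default is "MD5 still allowed for now", as the comment proposes. */
void NSS_HashPrefsResetDefaults(void) {
    for (int c = 0; c < CTX_COUNT; c++)
        for (int h = 0; h < HASH_COUNT; h++)
            hash_allowed[c][h] = PR_TRUE;
}

/* The more general API from the comment: one enum value selects hash + context. */
void NSS_HashPrefSetDefault(enum HashAndContext hac, PRBool enabled) {
    switch (hac) {
    case hac_MD5_in_CertAndCRLSignatures:
        hash_allowed[CTX_CERT_AND_CRL_SIGNATURES][HASH_MD5] = enabled; break;
    case hac_MD5_everywhere:
        for (int c = 0; c < CTX_COUNT; c++) hash_allowed[c][HASH_MD5] = enabled;
        break;
    case hac_SHA1_in_CertAndCRLSignatures:
        hash_allowed[CTX_CERT_AND_CRL_SIGNATURES][HASH_SHA1] = enabled; break;
    }
}

/* The narrower function proposed first, expressed through the general one. */
void NSS_HashPrefsMD5InSigsSetDefault(PRBool enabled) {
    NSS_HashPrefSetDefault(hac_MD5_in_CertAndCRLSignatures, enabled);
}

PRBool NSS_HashPrefGet(HashContext ctx, HashAlg alg) { return hash_allowed[ctx][alg]; } /* assumed */

/* Override hook in the spirit of HandshakeCallback/AuthCertificateCallback:
 * NSS calls back into the application (PSM) to ask whether an override is active. */
typedef PRBool (*UnsafeAlgoOverrideCallback)(void *arg, SecStatus err);

typedef struct { PRBool user_override_active; } AppOverrideState;   /* assumed PSM-side state */

PRBool psm_override_callback(void *arg, SecStatus err) {
    const AppOverrideState *st = arg;
    /* Only the policy error is overridable; a bad signature never is. */
    return (err == SEC_ERROR_UNSAFE_ALGO && st && st->user_override_active) ? PR_TRUE : PR_FALSE;
}

/* Policy check wrapped around a simulated signature verification: sig_math_ok
 * stands in for the result of the real RSA/DSA check, which this model skips. */
SecStatus verify_cert_signature(HashAlg alg, PRBool sig_math_ok,
                                UnsafeAlgoOverrideCallback cb, void *cb_arg) {
    if (!hash_allowed[CTX_CERT_AND_CRL_SIGNATURES][alg]) {
        if (!(cb && cb(cb_arg, SEC_ERROR_UNSAFE_ALGO)))
            return SEC_ERROR_UNSAFE_ALGO;
        /* User override active: continue, but the signature must still verify. */
    }
    return sig_math_ok ? SEC_OK : SEC_ERROR_BAD_SIGNATURE;
}

int main(void) {
    NSS_HashPrefsResetDefaults();
    printf("MD5 cert sig, default prefs:  %d\n", verify_cert_signature(HASH_MD5, PR_TRUE, NULL, NULL));
    NSS_HashPrefsMD5InSigsSetDefault(PR_FALSE);     /* the about:config pref flipped */
    printf("MD5 cert sig, MD5 disallowed: %d\n", verify_cert_signature(HASH_MD5, PR_TRUE, NULL, NULL));
    AppOverrideState st = { PR_TRUE };
    printf("same, with user override:     %d\n",
           verify_cert_signature(HASH_MD5, PR_TRUE, psm_override_callback, &st));
    return 0;
}
```

Note that hac_MD5_everywhere flips MD5 in every context at once, while hac_MD5_in_CertAndCRLSignatures leaves other uses (for example MD5 inside the TLS PRF) untouched; that separation is the point of keying the preference on hash and context together rather than on the hash alone.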