Log Message:
Update to 3.27

Changelog:
The NSS team has released Network Security Services (NSS) 3.27,
which is a minor release.

Below is a summary of the changes.
Please refer to the full release notes for additional details,
including the SHA256 fingerprints of the changed CA certificates.

New functionality:
* Allow custom named group priorities for TLS key exchange handshake
  (SSL_NamedGroupConfig).
* Added support for RSA-PSS signatures in TLS 1.2 and TLS 1.3

New Functions:
* SSL_NamedGroupConfig

Notable Changes:
* NPN can not be enabled anymore.
* Hard limits on the maximum number of TLS records encrypted with the same 
  key are enforced.
* Disabled renegotiation in DTLS.
* The following CA certificates were Removed
- CN = IGC/A, O = PM/SGDN, OU = DCSSI
- CN = Juur-SK, O = AS Sertifitseerimiskeskus
- CN = EBG Elektronik Sertifika Hizmet Sağlayıcısı
- CN = S-TRUST Authentication and Encryption Root CA 2005:PN
- O = VeriSign, Inc., OU = Class 1 Public Primary Certification Authority
- O = VeriSign, Inc., OU = Class 2 Public Primary Certification Authority - G2
- O = VeriSign, Inc., OU = Class 3 Public Primary Certification Authority
- O = Equifax, OU = Equifax Secure Certificate Authority
- CN = Equifax Secure eBusiness CA-1
- CN = Equifax Secure Global eBusiness CA-1

The full release notes are available at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.27_release_notes