Prerequirement for bug 900941

- update to 3.17.1 (bnc#897890)
* Change library's signature algorithm default to SHA256
* Add support for draft-ietf-tls-downgrade-scsv
* Add clang-cl support to the NSS build system
* Implement TLS 1.3:
* Part 1. Negotiate TLS 1.3
* Part 2. Remove deprecated cipher suites andcompression.
* Add support for little-endian powerpc64

- update to 3.17
* required for Firefox 33
New functionality:
* When using ECDHE, the TLS server code may be configured to generate
a fresh ephemeral ECDH key for each handshake, by setting the
SSL_REUSE_SERVER_ECDHE_KEY socket option to PR_FALSE. The
SSL_REUSE_SERVER_ECDHE_KEY option defaults to PR_TRUE, which means
the server's ephemeral ECDH key is reused for multiple handshakes.
This option does not affect the TLS client code, which always
generates a fresh ephemeral ECDH key for each handshake.
New Macros
* SSL_REUSE_SERVER_ECDHE_KEY
Notable Changes:
* The manual pages for the certutil and pp tools have been updated to
document the new parameters that had been added in NSS 3.16.2.
* On Windows, the new build variable USE_STATIC_RTL can be used to
specify the static C runtime library should be used. By default the
dynamic C runtime library is used.