[EMAIL PROTECTED] wrote:
Firefox accesses certificates and keys through PKCS #11 modules (event the internal database is a PKCS #11 module). Once the driver is loaded, Firefox can access the cert and key directly (no need to import it).Thanks again Nelson for so rich and detailed information. I try to answer your questions : Now here are some questions for you to answer. Please answer all these > questions: >> 1. If you have recceived a smart card with your personal certificate and private key on it, why do you want or need to import that cert into your browser? "importing" a cert is done when your browser has no other way to access your cert. Your browser should quite happily access your cert from your smart card, right where it is, without needing to "import" it. OK so I dont need to import it in Firefox. I understand that Firefox will access my cert from my smart card, but how can it knows this certificate and thid private key exist?
IE works differently IE requires all certificates to be in the certificate store. Often smart card vendors include applications the run to load the certs into IE stores when the smart card is inserted. On Windows XP, the operating systems supplies some support for this. The certificate is imported into the user cert store, telling IE that the private key for this cert exists. Along with the certificate, a record is stored telling what CAPI device holds the private key for this certificate.
With Firefox, the cert and key exist whenever the token is inserted and does not exist when the token is removed.
bob
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
