>Anders Rundgren wrote: >> http://www.w3.org/2006/02/axalto-paper.html >> >> This paper says that we can soon forget about P11 and such >> and rely on AJAX-like access to crypto.
>We wouldn't have to worry about vendor-independent crypto device >interface standards if everyone in the world would agree to >adopt one vendor's proprietary standards! >Why, of course! Why didn't we think of that? :> -) Nelson, ================================================= The core problem is that there is no [publicly known and active] cooperation between the leading browser vendors on how to improve client-side crypto support, most notably for digital signatures [*] ================================================= Due to this we are witnessing a "Darwinian" kind of scenario where various parties are trying to set new de-facto standards, albeit "in slow-motion" Most of these "wannabe-standards" are likely to be offered as free add-ins as well as being open for anybody to implement. Microsoft's CardSpaces (formely InfoCards), is one such, pretty ambitious example of an open, free, but vendor-defined client-side browser-centric authentication technology in the pipe-line. After a decade-long standstill, things are finally beginning to move although there sure are no given home-runs in sight. May the best man (or woman for that matter) win! Anders Rundgren Principal designer of one of these "wannabe-standards" :-) *] This is just for starters, "The Next Big Thing" is on-line PKI-provisioning which is not only proprietary (Xenroll, KeyGen etc.), but is also rather inferior. With BILLIONS of PKI-enabled mobile phones "on the radar", this part should be reworked, hopefully based on more current technology such as WS-*. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
