Nic James Ferrier wrote:
I would only use PKCS #12 to distribute the keys/certs if it's allowable/expected that the server side has copies of the keys (typically the key archival case), otherwise I would just use the keygen tag.yes, The user will still be prompted for the password of the PKCS 12 file, and if he has more than one writable token, he will be prompted for where the cert and key should go.If there was a handler in FF for pkcs12 is that what it should do: auto-import the certificate?Is there a problem with the fact that the server side will have a copy of the private key? Can you see objections being raised due to that?
bob
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
