Apart from that, I completely approve of TPMs being implemented as PKCS#11 modules. This TPM-enabled feature will probably reach the mass users; it offers clear advantage over storing privates keys on a disk.
One problem with smart cards is that users may not understand them. It is a piece of hardware that they need to use properly in order to preserve security. As we see from previous messages in this discussion thread (blindly accepting self-signed certificates), users do not properly execute security-sensitive actions. Regards, Peter Djalaliev _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
