"Eddy Nigg (StartCom Ltd.)" writes: > Most likely they return a PKCS#7 (SPAC) file. The private key is > supposed to be stored in FF and the response file should be installed > without a problem. Perhaps you may want to try the free mail > certificates from http://cert.startcom.org and check if it works for you > with Firefox on Vista.
I will try that, but I predict it will fail if they use the same format. One of my colleagues has found a recent bug in bugzilla on this https://bugzilla.mozilla.org/show_bug.cgi?id=399188 and it appears that firefox is ignoring the mime type and looking at the .spc extension, and then dropping into Windows file management. This is not what it does on, say, XP, where the same transaction works fine. I have not instrumented XP to see if the same pkcs#7 package & mime type header get sent by Thawte to this client (seems like a reasonable assumption, tho). My colleague was able to create a web page that would trick the firefox browser on Vista into downloading & installing the cert: he took the cert out, renamed the extension to some junk, and then had the page send the proper pkcs7 headers down along with the cert. Then firefox-on-vista loaded the cert properly. So it looks like this is some kind of error in the decisions firefox makes about extension handling. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
