brieweb:
> How do I create a private key for Firefox, or mozilla for that matter?
>
> I want to take my browser, connect to a site with my private key
> similar to using ssh and connecting to another server. Then the web
> server checks its repository of authorized keys for my public
> key and allows me to connect. All I seem to find is how to create a
> private key for a web server and then creating a signing request to be
> signed by a CA.

I think you are touching a few different issues here. First of all, for 
client authentication against a web server, the web server sends an 
authentication request to the client. The client (browser) must choose 
the certificate which it sends to the web server. There may be 
conditions such as certificates from any CA, certificates from selected 
CAs and certificates from one CA. Once authentication has succeeded, it's 
up to the implementation if the web server accepts it or not (check against 
a list of allowed certificates for example).

Second, client certificates can be "created" by using features of the 
browser, but it isn't a must. You can easily create a PKCS12 (PFX) file 
(from a private key and certificate) and install (import) that into the 
client. There are however ways to generate a private key in the browser 
and install the certificate response. There are two ways to create a 
private key: Using the key HTML tag (<keygen name="myKey">) or by using 
the JavaScript crypto CRMF functions (see 
http://developer.mozilla.org/en/docs/generateCRMFRequest for more 
information). Depending on that, the issued certificate can then be 
supplied to the browser which has a matching private key.


-- 
Regards 
 
Signer:         Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber:         [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog:   Join the Revolution! <http://blog.startcom.org>
Phone:          +1.213.341.0390
 

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
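
The PKCS12 route and the server-side allow-list check described in the reply, as an added example that is not part of the original message. It assumes the `openssl` command-line tool, a self-signed client certificate, and a server that compares the SHA-256 fingerprint of the presented certificate against a fingerprint file; all file names, subject names and the password are constructed.

```shell
# Added example (not from the thread): PKCS#12 client bundle plus a
# server-side allow list of certificate fingerprints.
# All names, paths and the password are constructed sample values.
set -eu
WORK=$(mktemp -d)

# Generate a private key and a self-signed certificate for one client.
make_client_cert() {   # $1 = base name
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -subj "/CN=$1-example" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# Bundle key and certificate into the PKCS12 (PFX) file the browser imports.
make_pkcs12() {   # $1 = base name, $2 = export password
  openssl pkcs12 -export -inkey "$WORK/$1.key" -in "$WORK/$1.crt" \
    -name "$1" -passout "pass:$2" -out "$WORK/$1.p12"
}

# SHA-256 fingerprint of a PEM certificate read from a file.
cert_fingerprint() {   # $1 = PEM certificate file
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Fingerprint of the certificate stored inside a PKCS12 bundle.
p12_fingerprint() {   # $1 = base name, $2 = export password
  openssl pkcs12 -in "$WORK/$1.p12" -passin "pass:$2" -nokeys 2>/dev/null |
    openssl x509 -noout -fingerprint -sha256 | cut -d= -f2
}

# Server-side decision: accept only certificates listed in the allow file.
is_authorized() {   # $1 = presented certificate, $2 = allow-list file
  grep -qxF "$(cert_fingerprint "$1")" "$2"
}

make_client_cert alice
make_client_cert mallory
make_pkcs12 alice example-password
cert_fingerprint "$WORK/alice.crt" > "$WORK/authorized_certs"

for who in alice mallory; do
  if is_authorized "$WORK/$who.crt" "$WORK/authorized_certs"; then
    echo "$who: accepted"
  else
    echo "$who: rejected"
  fi
done
```

In a deployment the fingerprint would be computed from the certificate the web server receives during the TLS handshake rather than from a file on disk.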
