Anders Rundgren wrote:
> Michael Ströder wrote:
>> Sure the UI for choosing the client cert could be improved, e.g. just by
>> displaying more informational attributes from the cert and the PKI
>> properly filling these attributes.
>
> Essentially you are saying that Information Cards is a bad idea.

I didn't say anything like this about Information Cards.

> I believe that they rather form a virtual counterpart to physical
> cards in a wallet.

Frankly I don't know much about it.

> In case you feel ready for yours truly's "PKI challenge",
> you could try outlining how *you* would in an Internet-scale
> deal with the problems mentioned in this document:
> http://web.telia.com/~u18116613/A.R.AppliedPKI-Lesson-1.pdf
> Naturally all these issues have been solved in a very nice fashion
> but NOT by PKI people because they simply do not understand
> IT, only cryptography.

Frankly I don't know very much about the maths of cryptography. But I do understand a lot about making things work in the real world (including teaching users). And that's the reason why I'm staying out of making any general claims in this "Internet-scale" scope.

But again the argument that the lack of branding options hinders SSL/TLS client authc to be used is really moot. And given how many web designers and marketing people render web sites/applications to be unusable/insecure for end-users I'm strictly against giving them any possibility to muck around with security-related UI parts in browsers (or other software).

> Please don't take it personal, you could be an exception :-)

Being in Usenet since '93 my protective clothing is pretty thick. ;-)

Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto