Anders Rundgren: > What I was referring to is the inability for an issuer specifying that > generated keys should be PIN-protected and what constraints > there should be on the PIN while still optionally letting the user > specify the actual PIN.
There are Mozilla specific functions for handling of Smart Cards. Unfortunately most of the require special privileges. > > In addition there is no way you can see that the private key is in > generated and stored in a smart card and not in the "soft token", > at least not what I'm aware of. > Incorrect. If you've got a smart card inserted Firefox prompts you to select the device (smart card(s) or soft token). Additionally as mentioned above, there are functions which allows you to check for smart card events: http://developer.mozilla.org/en/Javascript_crypto I've made a enhancement request to add a functionality to check if a smart card is already inserted (for the same page), which is missing: https://bugzilla.mozilla.org/show_bug.cgi?id=419114 However what's really needed is a defined and easy-to-use standard which works at any platform. I see you are making some efforts into this directions. -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
