>I still think USB has a much higher chance of a high adoption rate. I would like to agree but the USB security container concept suffers from major limitations in terms of supporting infrastructure. People already have USB sticks and if these generally had been augmented with crypto processor and instant roaming in various operating systems (and in browsers like Mozilla), the idea could have worked. This deficit [IMHO, FWIW] makes the mentioned Fedora project a rather dubious endeavor since having the keys in the lap-top HD probably isn't going to put the market in spin.
But there is more.... MUCH more... Another hurdle is that there is no established concept of "credential discovery" making it impossible *migrating* the gazillion password-using systems out there. The current "all-or-nothing-security" paradigm has proven to result in....yes, practically nothing! Anders R ----- Original Message ----- From: "Kyle Hamilton" <[EMAIL PROTECTED]> To: "mozilla's crypto code discussion list" <dev-tech-crypto@lists.mozilla.org> Sent: Wednesday, October 01, 2008 19:31 Subject: Re: FedoraCryptoConsolidation. Was: freedesktop.org secret storageproject I still think USB has a much higher chance of a high adoption rate. But, the ISO has Spoken, which is where we got the abomination that is X.500/X.509 and also the abomination that is the Smart Card Interface. -Kyle H On Wed, Oct 1, 2008 at 3:44 AM, Anders Rundgren <[EMAIL PROTECTED]> wrote: > http://fedoraproject.org/wiki/FedoraCryptoConsolidation > > It is understandable that the Linux community is looking with a > certain envy on Microsoft's and Apple's united crypto architectures. > > I'm personally unconvinced that there is much point in trying to > mimic these schemes due to the fact that credit-card-shaped > smart cards still are not HW-wise supported by more than a > fraction of all consumer computers. > > It is quite possible that the introduction of trusted HW in > mobile phones and connections via NFC will happen faster > which creates an entirely new situation on PCs: There is a > risk that the NSS/PKCS #11/CAPI style of interfacing a > roaming credential won't stand the litmus test: > http://middleware.internet2.edu/idtrust/2008/slides/03-pekka-roaming-identity.pdf > > But of course, this is just a speculation at this stage... > > Anders > > > ----- Original Message ----- > From: "Graham Leggett" <[EMAIL PROTECTED]> > To: "mozilla's crypto code discussion list" > <dev-tech-crypto@lists.mozilla.org>; > <[EMAIL PROTECTED]> > Sent: Wednesday, October 01, 2008 11:16 > Subject: Re: freedesktop.org secret storage project > > > _______________________________________________ > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > > _______________________________________________ > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
