Fost1954 wrote: > 1. Can I spread the message into the world that Running Firefox in "Safe > Mode" when generating the key as well as requesting the Certificate with > Thawte does securely prevent unnotified private key transmission ?
I think so. Note that Thawte still uses the <keygen> tag, so disabling crypto.generateCRMFRequest through prefs.js could also be considered sufficient (keygen doesn't provide any escrow mechanism). > 2.What do you mean using the words "maximum reliability" in this context. I > am aware that there is no 100% security in life, but the words you use (a > "maximum" of what !?) can mean a broad spectrum from "maximum, but poor" > reliability to "maximum and really strong reliability"... In the sense that it's the maximum achievable reliability given the fact that you're running code provided by someone else (Mozilla Corporation, in this case). In the end, it's always a question of whom you trust - but this would probably get us too much off-topic. Kaspar _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
