On 03/18/2009 01:52 AM, Kyle Hamilton:
The problem isn't smart cards, it's the lack of smart card readers,
Well, you can buy them too, the same way you buy a web cam or other utilities. BTW, it's interesting that every time money has to be spend on security, people are making unfavorable decisions. They are willing to spend the same amount of money for some gadget, but wouldn't do the same for a smart card or reader-less token. I don't know why this is the case, but that's the experience I'm having...maybe security is not a priority in many minds?
the lack of a USB standard profile for smart-card-like devices
I don't think this is a problem.
and the tiny amount of memory available on those things.
Is 72K enough for all your keys and certs? BTW, I've got a 4GB flash drive with integrated reader-less token with 72K. So if you carry a stick with you anyway, one of these could be an interesting solution. It also has the software and drivers in form of a "virtual" CD drive on the stick.
Another way that Firefox fails the user is that there's no way to have it auto-detect a new 'smart card' device, it must be configured manually in secmod.
Yes, if it could automatically scan for potential PKCS11 modules and configure them, that would be terrific.
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
