On 07/22/2009 06:03 PM, Udo Puetz:
Hmm, here are my ideas: -integrate enigmail into TB.
That's PGP, not x.509 certificates. We have a problem with trust regarding PGP. Enigmail is an excellent extension for any user who wants to rely on PGP keys.
-Integrate weave into TB. Can't the same keys be used there for encryption of the config data?
I don't know weave, but do you really want to use certificates for securing config data? Doesn't sound a good idea to me...
-Use win key store on win. Both FF and TB. If a hw token is found ask the user if he wants to utilize it.
And with it import all the potential problems of an operating system too? I mean, then the application can't make an independent trust decision really.
-work together with gnome and kde folks, I just read that the work on a common key infrastructure (http://www.golem.de/0907/68458.html, sorry, german only)
Yes, they've posted here their excellent ideas. But that's something more on the OS/Desktop level.
-work together with opensc folks.
I don't see a problem here. I'm on the OpenSC lists too. OpenSC and NSS implement the PKCS11 interfaces, there shouldn't be a problem of interoperability. There were some bugs in the past, but I'm not sure if any problem exists today.
-generally: useful and correct error messages!!
Agreed! -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
