On Mar 7, 2010, at 15:45, Eddy Nigg wrote:
> On 03/07/2010 11:23 AM, aerow...@gmail.com:
>> On Thu, Mar 4, 2010 at 6:42 AM, Eddy Nigg <eddy_n...@startcom.org> wrote:
>>>
>>> Yes, and with a compromise of the system you'd also lose those installed at
>>> the Mozilla applications. Not nice :S
>>
>> Well, no, not nice -- but with the fact that even your CA system will only
>> create a single certificate valid at a time per email address per identity
>> class (and only a single developer certificate, period), this means that the
>> user has to go through an arduous process to be able to do more than a
>> single thing with the certificates you offer. (As you know, the more times
>> a key is exposed to the world, the higher the chance of compromise.)
>
> But that's not really the same - the public shall be exposed and if that's
> not good enough, the key probably shouldn't be used at all either.
>
> I'm speaking about a system and key compromise of that specific crypto store.
> It really hasn't much to do with exposure of the public key. But - the best
> would be a hardware token anyway. :-)

Have I missed something? The reason for "central certificate stores" for software keys is universality and API. Windows provides an API, Mac provides an API, Firefox implements only PKCS#11. If you care about compromised keys you use hardware tokens (which both platform APIs provide access to); system compromise has (almost) nothing to do with the chosen software API. The fact that platform APIs are not used (or the argument that they work poorly or something similar) is something Mozilla people should answer to.

--
Martin Paljak
http://martin.paljak.pri.ee
+3725156495

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto