On 03/07/2010 04:01 PM, Martin Paljak:
The reason of "central certificate stores" for software keys is universality and API. Windows provides an API, Mac provides an API, Firefox implements only PKCS#11.
PKCS11 is a standard and I suspect that it's possible to interact with those crypto stores through PKCS11. APIs may be invented and changed by various software, which mostly don't follow any standard.
The fact that platform APIs are not used (or the argument that they work poorly or something similar) is something Mozilla people should answer to.
Well, the arguments were usually exactly the point I made. Firefox (and other applications) have their own crypto store, making it independent from what happens at the system level. There are obviously pros and cons for this approach.
-- Regards Signer: Eddy Nigg, StartCom Ltd. XMPP: [email protected] Blog: http://blog.startcom.org/ Twitter: http://twitter.com/eddy_nigg -- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
