Jean-Marc Desperrier wrote:
Robert Relyea wrote:
I would certainly be happy to look at proposals that would
advance the state of technology here.
A device certificate based solution could be nice. Maybe also end-to-end
symetric key solutions. Finally even a standard that request a secure
environment is useful.
I guess the secureness of the environment would be deductible through
the device certificate?
Standardizing an evolution of generateCRMFRequest that could do that
would be useful.
Although standardization would be nice, it is IMO, based on a decade
of mainly negative experiences, not an option. IF somebody will *ever*
break the deadlock it will either be Google or an Open Source effort
or as I propose: a combination of Open Hardware and Open Software.
Imagine a project that spans from electronics, to USB communication,
middleware, and browser integration! Yes, there must of course be
something in the other end as well...
However, "getting the keys in the card" is only half of the problem,
a genuine solution should also take key-life cycle management in
consideration.
<snip>
Anders
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
