Hi. On Fri, Apr 9, 2010 at 2:08 AM, Nelson B Bolyard <nel...@bolyard.me> wrote:
> > Mountie Lee wrote: > >> Thanks Eddy. > >> > >> in IE > >> the service provider can choose the private key can be exportable or > not. > >> > >> the manual configuration is not so attractive for service provider. > > On 2010-04-08 04:14 PST, Anders Rundgren wrote: > > Hi Mountie, > > A service provider cannot specify *anything* regarding key protection > > using Firefox. > > Anders, I think Mountie was referring to "Crypto Service Provider" (CSP), > which is Microsoft's name for software modules that follow Microsoft's > alternative that is approximately equivalent to the PKCS#11 standard. > > A PKCS#11 CSP can indeed choose to make private keys exportable or not. > A FIPS mode CSP will generally make private keys unexportable. > NSS's NON-FIPS PKCS#11 CSP can also make non-exportable keys, IIRC, > but Firefox offers no option to set that attribute on new keys when > creating or importing them. > yes. this is what I'm saying. > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- Mountie Lee Tel : +82 2 2140 2700 E-Mail : moun...@paygate.net Twitter : mountielee ======================================= PayGate Inc. * WEB STANDARD PAYMENT * PCI DSS v1.2 COMPLIANT * www.paygate.net * payg...@paygate.net
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
