On 2012-04-09 12:13, helpcrypto helpcrypto wrote: >> http://www.w3.org/2011/11/webcryptography-charter.html > > BSmith ans RRelyea directed me there also. All fishes go to sea... ;)
The really big fishes (Google, Apple, and Microsoft) haven't said a word (in public) about their interest in this. I think they have reasons to wait for Mozilla to release their signature solution... >> http://webpki.org/papers/wasp/wasp-tutorial.pdf >> http://webpki.org/papers/keygen2/sks-keygen2-exec-level-presentation.pdf > > I think i already read both documents some time ago. Isn't the inferiority of the soft token implementations a problem? In Sweden, banks rejected these since PIN-code protection isn't controllable. They opted for PKCS #12 containers protected by 12-character passphrases. Pretty inconvenient but what else could they possible do? Related: The IETF has recently started the development of yet another PKI enrollment scheme that doesn't support PIN-code provisioning! Anders -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
