On Mon, Apr 9, 2012 at 6:16 PM, Anders Rundgren <anders.rundg...@telia.com> wrote: > On 2012-04-09 12:13, helpcrypto helpcrypto wrote: >>> http://www.w3.org/2011/11/webcryptography-charter.html >> >> BSmith ans RRelyea directed me there also. All fishes go to sea... ;) > > The really big fishes (Google, Apple, and Microsoft) haven't said a word > (in public) about their interest in this. I think they have reasons to > wait for Mozilla to release their signature solution...
Really? And the mozilla signature solution (apart from current NSS) is/going to be...? shared nss db? the result of that wg? >>> http://webpki.org/papers/wasp/wasp-tutorial.pdf >>> http://webpki.org/papers/keygen2/sks-keygen2-exec-level-presentation.pdf >> >> I think i already read both documents some time ago. > > Isn't the inferiority of the soft token implementations a problem? Well...the real problem is thats not working as it should (IMHO). With a few changes in the way its compiled +sqlite, nss will be greatly improved. > In Sweden, banks rejected these since PIN-code protection isn't controllable. > They opted for PKCS #12 containers protected by 12-character passphrases. > Pretty inconvenient but what else could they possible do? Disagree. PKCS#12 is easier to crack than a crypto-card protected by the simplest PIN. > Related: The IETF has recently started the development of yet another > PKI enrollment scheme that doesn't support PIN-code provisioning! link? -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
