On 2012-04-17 11:14, helpcrypto helpcrypto wrote: > So, do you (we) ALL agree NSS should be modified to hook with system > keystores like Windows or OSX? (Linux has no default system keystore, > so there will be no changes by now) > Maybe wtc has something to say against this... > > Are mozilla (we) going to see (wait) whats is said on: > http://www.w3.org/2011/11/webcryptography-charter.html ?
I participated both in a workshop in Mountain View as well as in some of the early discussions in a mailing-list. I got the impression that the proposers do not completely understand the difference between exposing APIs to untrusted browser-code versus APIs that are only available to built-in or explicitly installed plugin code. It was for example suggested that PKCS #11 should be exposed as a JavaScript object. I think that is downright ridiculous idea, almost as bad as: http://www.sconnect.com/FAQ/index.html Making Firefox compliant with Windows and OSX keystores is IMO an entirely different task. Anders -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
