On 2012-04-20 10:34, helpcrypto helpcrypto wrote:
> After reading your three mails, i have only one thing to say: Clear as water.
>
> Thank a lot for your patience and effort on explaining this for
> short-minded like me.
> Thanks a lot, REALLY, for your long, detailed and clear answer.
> Of course, thanks a lot to Anders (which also suffered me) and others,
> for the patience you are showing.
Thanx!!!
>
> Now, a few comments to some of yours and some questions at the end.
>
>
>> Here, you mean the keygen operation? I think it has to be the Software
>> Security Device. aka, the soft-token ?
>
> When an smartcard is present, and a request to generate a keypair is
> made, Mozilla shows a dialog to select the cryptographic device where
> the keys are going to be. If im developing a page to "request a
> certificate" on the smartcard, i (as a developer) CANT control if the
> user selects the card or softokn.
Helpcrypto, a possible *long-term* solution to this is that the requester
indicates such preferences. So if the requester says "external card"
(for example) the dialog would not need the user to select. If there
is no card present, it would ask the user to insert a suitable card.
This is at least how KeyGen2 works.
>
> So, if the user doesnt read the BIG warning that i show ("you must
> select the CARD!!!"), and never does, the keys are generated on
> softokn and that ends in many problems. Starting with the user
> thinking the cert is on the smartcard, where is not. Our users know
> what "the card" is.
>
>> Some UI tests have shown 99% of those warnings to be ignored. Some
>> optimistic tests have shown only 60% are ignored... Some active teaching
>> experiences have shown they can get it down to 30% with training, but the
>> test repeated after 3 months shows return to bad habits :)
>
> dont tell me.
> -------------------->you must select the CARD!!!
>
>> Is your application so valueless that you can cope with that? When using
>> smart card systems, you'll notice there are no warnings... because the smart
>> card designers at least know that if they rely on warnings, it's game-over.
>
> This proves you havent used spanish DNIe.
> Designers decide that, as a warning can be ignored, make sure user
> dont ignore the warnings.
> So DNIe show 2384729847239874923794 warnings, and i ignore them all.
>
>> Mind you, we don't know how valuable or valueless your application is.
>> Perhaps you could tell us what the key pair or signature is used for?
>
> company users need to sign documents (xml/pdf...) or mail
> we use FNMT (some guy could be killed for that) certs
> we have an smartcard where we put the cert in.
> we want users to be able to sign data (webforms or documents) using
> web [Actually using Java]
> we want users to be able to request certs 'directly' on smartcard
> (from a website)
>
> Do you need more details?
>
> I understand "this is a trusted site" is FAR AWAY from "this is a
> trusted site that can read my hard drive/execute commands".
> Signed applets, at the other hand, have full access, and can access to
> the smartcard.
> If there are no better options at the moment, shouldnt we
> (mozilla/firefox) suport them properly?
This is of course not of my business but I personally do not
see JSS neither as the solution for "now" or "the future".
I think these guys have do a huge work with signature Applets:
http://www.openoces.org
Anders
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
