On 2013-05-30 10:39, Yoshi Huang wrote: > Hi Anders > Yes, B2G definitely needs a better PKI client. > > I'll also check the issuer-defined icons and keygen problem you said.
Hi Yoshi, This is how it looks in Galaxy Note II using an upgraded key-store: http://webpki.org/images/credential-view.png The icons are aligned to the platform's display during the enrollment. Icons is just one of many features missing in Mozilla. The most glaring shortcomings are crypto module attestations and PIN-codes which is required for on-line banking. Unfortunately the Web Crypto WG has chosen to ignore this use-case so I guess banks will continue building their own [often rather strange...] PKI clients. Anders > > Also FYI, there's a meta bug created recently to address those security > features on B2G > https://bugzilla.mozilla.org/show_bug.cgi?id=876396 > > Thanks > > On 05/30/2013 04:22 PM, Anders Rundgren wrote: >> FirefoxOS needs a completely renovated PKI client in order to be >> competitive and useful. >> >> Issuer-defined Icons for credential GUIs is one of the many small >> things that are needed. >> >> The bigger issue is replacing the 19 year old <keygen> hack because >> <keygen> never worked for anybody but a handful of PKI geeks. >> >> Anders > > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
