Re: Get only personal certificates

2006-08-18 Thread Nelson B
Primo It wrote: > First sorry for my English, I don't do speak so good. > I hope you can understand what I say below. > > I want to say by "personal" not accurately certificates for which I have > (private) key, but final certificates that are not CA cert neither OCSP > responder. You're asking

Re: New method for linking smart cards to web browsers

2006-08-18 Thread Nelson B
Anders Rundgren wrote: > http://www.w3.org/2006/02/axalto-paper.html > > This paper says that we can soon forget about P11 and such > and rely on AJAX-like access to crypto. We wouldn't have to worry about vendor-independent crypto device interface standards if everyone in the world would agree t

New method for linking smart cards to web browsers

2006-08-18 Thread Anders Rundgren
http://www.w3.org/2006/02/axalto-paper.html This paper says that we can soon forget about P11 and such and rely on AJAX-like access to crypto. Anybody who knows more about the finer details? AR

Re: Forcing specific CA for domain

2006-08-18 Thread Anders Rundgren
The #1 problem with TTP CAs is that they can be tricked to issue a certificate to someone incorrectly claiming to be associated with a certain entity. There are no technical solutions to that today and (AFAIK) nothing on the horizon either. Regarding trust management on client machines the only rea

Re: Forcing specific CA for domain

2006-08-18 Thread Balint Balogh
Hello Gervase Markham wrote: > If you think they might do that, why might they not do it for other > domains your users use (e.g. their bank)? They might but I do not have direct control about that so I have to accept the risk or try to reduce it through other means. However I have direct control

NSS Cache question

2006-08-18 Thread Rob Crittenden
I'm having an issue with mod_nss, an Apache module I wrote that provides SSL using NSS. The way Apache loads modules is a tad strange. What it does is it loads them one time in order to get its list of configuration directives and it verifies that the configuration is ok. It also runs through

Re: Encryption/Decryption with client-certificates

2006-08-18 Thread Arshad Noor
There are a number of things that your application must do, both on the client and server side, Erik: 1) You must have a servlet that has access to the key-pair on the server side; 2) Your applet must communicate to the servlet and request the certificate from the servlet (you are free to u

Re: Forcing specific CA for domain

2006-08-18 Thread Kyle Hamilton
Risk management, Gervase. If a company/domain-owner can securely identify what CA they use, that prevents any other CA -- even one who ends up inadvertently issuing certificates contrary to their CPS -- from causing damage, and thus lowers the risk of any individual CA that may be in any given br

Encryption/Decryption with client-certificates

2006-08-18 Thread Erik Siegemund
Hi, I'm not sure if this is the correct site. But possibly it is and someone can help ... I look for an answer for following problem: In the mozilla was imported a client certificate. 1.) How is the way to get this certificate inside an applet for using for encryption? (Assuming java sun pl

Re: Forcing specific CA for domain

2006-08-18 Thread Gervase Markham
Balint Balogh wrote: > Without this security measure, any CA that has its certificates in client > software has the power to thwart SSL/TLS security by issuing fake certificates > claiming to belong to *.example.com servers or email addresses. If you think they might do that, why might they not do