On 2009-07-03 04:33 PDT, Udo Puetz wrote:
> What we've found out now is this: there is no CA certificate on the
> token. And it seems that firefox needs the CA and the user certificate
> from the same place:
I don't believe it is true that Firefox requires both to be in the same
token.
> If I im
On 2009-07-03 05:29 PDT, Ian G wrote:
> We desperately need some form of whitelisting in Firefox so that each site
> always gets presented the same cert. If browsers can remember cookies
> and username/passwords, then they can remember cert/domain combinations.
This goes double for Thunderbird
On 2009-07-03 00:30 PDT, Martin Paljak wrote:
> Some constructive suggestions; mostly for Firefox:
>
> 1. Use platform API-s where appropriate: cryptoapi (and basecsp via
> this) on windows; cdsa/keychain on macosx.
Regardless of who does it, this triples/quadruples the amount of work
to be d
On 2009-07-03 10:52 PDT, Dmitriy Varnavskiy wrote:
> I have run several tests of JSS on Linux - they all worked fine so seems
> JSS is correctly installed. But when I am launching my app java for some
> reason is not using certificates in firefox keystore.
Thanks for being patient. Our JSS expert
On 2009-07-03 08:39 PDT, Anders Rundgren wrote:
> This demonstrates that standardization is an option but an increasingly
> difficult option as well in an ever faster-moving world:
> http://www.w3.org/2009/06/xhtml-faq.html
Does it?
It appears to me that this is the standards body pruning the tre
I have run several tests of JSS on Linux - they all worked fine so seems JSS
is correctly installed. But when I am launching my app java for some reason
is not using certificates in firefox keystore.
2009/6/27 Dmitriy Varnavskiy
> Fail means that window with prompt to select certificate appears.
Ian G wrote:
>> I'm sure that (for example) a signature scheme done by a handful of
>> committed people
>> as a Firefox extension would likely do much better than a W3C or OASIS WG
>> could
>> even dream of.
>No doubt there whatsoever. The notion that W3C or any of the other
>acronyms can do a
On 3/7/09 17:39, Anders Rundgren wrote:
This demonstrates that standardization is an option but an increasingly
difficult
option as well in an ever faster-moving world:
http://www.w3.org/2009/06/xhtml-faq.html
I'm sure that (for example) a signature scheme done by a handful of committed
people
This demonstrates that standardization is an option but an increasingly
difficult
option as well in an ever faster-moving world:
http://www.w3.org/2009/06/xhtml-faq.html
I'm sure that (for example) a signature scheme done by a handful of committed
people
as a Firefox extension would likely do mu
The URLs didn't work so I repost it and this time with a correct subject line...
This is something I really hate:
http://www.evs.ee/product/tabid/59/p-165216-cents-15480-22007.aspx
Paying for *open* standards!
Anyway, this scheme will get hard competition from a lot of places including
the token
On 3/7/09 09:30, Martin Paljak wrote:
...
2. Fix Firefox/NSS - Firefox still thinks that you should be able to
authenticate to websites with certificates *without* TLS client
authentication extension. Add automatic certificate selection, and you
get trouble.
Yes, this makes cert login as bad a
This is something I really hate:
http://www.evs.ee/product/tabid/59/p-165216-cents-15480-22007.aspx
Paying for *open* standards!
Anyway, this scheme will get hard competition from a lot of places including
the token vendors who certainly do not want to become replaceable like USB
memory sticks.
On Jul 2, 7:28 pm, Nelson B Bolyard wrote:
Hi all,
I'll answer Mr. Bolyards questions briefly because I think we found
the culprid. See at the bottom.
> > I have a safenet iKey 1032 token where I imported the p12 certificate.
> > In firefox (tried 2.0.x, 3.0.x and 3.5.x) I imported the safenet
>
Kyle Hamilton wrote:
I'm not aware of any such profile. There is smart card profile
> but I doubt it has much to do with PKCS #11, it is rather about
> 7816.
You're right, PKCS#11.
http://www.usb.org/developers/docs/EH_MR_rev1.pdf
But what is "7861"?
He's refering to ISO7816, the set of s
On 3/7/09 07:15, Anders Rundgren wrote:
Nelson B Bolyard wrote:
but please don't take it out on us. Please refrain from further sniping
in this mailing list and newsgroup. Constructive contributions are welcome.
I'm sorry about that. Is there any other place where Mozilla people hang
out wh
>Anders, I think you must take your ideas to a standards body
Eddy, this is exactly what I believed/hoped/craved for.
Unfortunately, the people who represent "stake holders" like EU
governments and banks do participate in International foras like OASIS
and IETF, nor fund such developments. It
On 07/03/2009 08:15 AM, Anders Rundgren:
I'm sorry about that. Is there any other place where Mozilla people hang
out where there is an interest in trying to understand why and what is
happening on the PKI side for consumers?
Anders, I think you must take your ideas to a standards body - I
Hello,
my colleague has run off with the test token so I can only show you
some screenshots I made for the german support of safenet. These show
roughly what you requested. When my colleague returns I'll make new
screenshots (in english if I manage somehow). Here are the shots:
http://www.i-nex.de/
On 03.07.2009, at 8:15, Anders Rundgren wrote:
According to most people who are into consumer PKI, Java applets is
the
best solution for cross-browser PKI. I think Java applets suck but
indeed,
that's really all we got.
but please don't take it out on us. Please refrain from further
sni
19 matches
Mail list logo
