Re: Signing using JS in Safari

2010-04-06 Thread Anders Rundgren
Hi Sunny, I haven't heard about Message Pro. Here is an open source (free) applet plugin: http://www.openoces.org/index.html It is used in Denmark and maybe somewhere else as well. In Sweden the government has spent some $30M over the years on: http://nexussafe.com/en/Products/Nexus-Personal

Re: Signing using JS in Safari

2010-04-06 Thread Sunny
Hi Anders, Thanks for your mail. Is there any proprietary solution that's named Message Pro or so?? On Apr 6, 5:26 pm, Anders Rundgren wrote: > Hi, > > Since there are no standards in this space most banks and e-governments > use proprietary (but cross-browser) Java plugins.  In the EU th

Re: Domain-validated name-constrained CA certificates?

2010-04-06 Thread Kurt Seifried
> This is not an issue.  The name constraint makes it impossible for a > domain registrant to issue a certificate that validates for a server > name outside that domain.  Hence, anything bad I do with my > intermediate certificate could only hurt me as registrant of > mattmccutchen.net. What about

Re: Domain-validated name-constrained CA certificates?

2010-04-06 Thread Matt McCutchen
On Wed, 2010-04-07 at 05:17 +0300, Eddy Nigg wrote: > On 04/07/2010 05:01 AM, Matt McCutchen: > > But I do want to allow many more people to have their own sub-CAs, > > unless there is an actual technical reason why it is a bad idea, in > > which case I am hoping you will tell me. > > Yes, for exam

Re: Domain-validated name-constrained CA certificates?

2010-04-06 Thread Eddy Nigg
On 04/07/2010 05:01 AM, Matt McCutchen: On Apr 6, 5:58 am, Jean-Marc Desperrier wrote: Ah ! The direction of restricting people who currently use sub-CA for their purpose to make it more secure will certainly be much more successful than presenting it as allowing many more people to have th

Re: Domain-validated name-constrained CA certificates?

2010-04-06 Thread Matt McCutchen
On Apr 6, 5:58 am, Jean-Marc Desperrier wrote: > Ah ! The direction of restricting people who currently use sub-CA for > their purpose to make it more secure will certainly be much more > successful than presenting it as allowing many more people to have their > own sub-CA. But I do want to allow

Re: Domain-validated name-constrained CA certificates?

2010-04-06 Thread Matt McCutchen
On Apr 6, 5:54 am, Jean-Marc Desperrier wrote: > Matt McCutchen wrote: > > An extended key usage of "TLS Web Server Authentication" on the > > intermediate CA would constrain all sub-certificates, no? > > You are here talking about a proprietary Microsoft extension of the X509 > security model. N

Re: Signing using JS in Safari

2010-04-06 Thread Anders Rundgren
Hi, Since there are no standards in this space most banks and e-governments use proprietary (but cross-browser) Java plugins. In the EU there are at least 10 different national schemes. Chrome and Safari presumably do not support any pre-configured solution since no such solution has gotten any

Signing using JS in Safari

2010-04-06 Thread Sunny
Hi, I'm not able to find any literature on the topic of Signing data using Digital Certificates with JS in Safari browser. Like, in Firefox, we have window.crypto.signtext() method that you can call from JavaScript to select a certificate and sign the data using the certificate. For IE, we h

Re: Domain-validated name-constrained CA certificates?

2010-04-06 Thread Rob Stradling
On Tuesday 06 April 2010 10:54:49 Jean-Marc Desperrier wrote: > Matt McCutchen wrote: > > An extended key usage of "TLS Web Server Authentication" on the > > intermediate CA would constrain all sub-certificates, no? > > You are here talking about a proprietary Microsoft extension of the X509 > sec

Re: Domain-validated name-constrained CA certificates?

2010-04-06 Thread Jean-Marc Desperrier
Matt McCutchen wrote: A name-constrained intermediate certificate could be quite convenient for the large organizations that are presently demanding their users to trust private CAs for the whole Web (see bug 501697). Ah ! The direction of restricting people who currently use sub-CA for their

Re: Domain-validated name-constrained CA certificates?

2010-04-06 Thread Jean-Marc Desperrier
Matt McCutchen wrote: An extended key usage of "TLS Web Server Authentication" on the intermediate CA would constrain all sub-certificates, no? You are here talking about a proprietary Microsoft extension of the X509 security model. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozill

Re: NSS Signtool et al

2010-04-06 Thread Nelson B Bolyard
On 2010/04/05 10:12 PDT, G. Richard Bellamy wrote: > I should have been more clear, I was asking if signtool, certutil, etc, > could run in FIPS mode. Absolutely, yes. It all depends on whether the "softoken" PKCS#11 module is configured to be in FIPS mode or not. If it is, then any program t