On Fri, September 27, 2013 5:51 pm, Robert Relyea wrote:
>
>
> On 09/27/2013 05:01 PM, Ryan Sleevi wrote:
> > On Fri, September 27, 2013 4:09 pm, Eddy Nigg wrote:
> >> On 09/28/2013 01:59 AM, From Ryan Sleevi:
> >>> If your site requires a client certificate, and you know that a client
> >>> cert
On 09/27/2013 05:01 PM, Ryan Sleevi wrote:
> On Fri, September 27, 2013 4:09 pm, Eddy Nigg wrote:
>> On 09/28/2013 01:59 AM, From Ryan Sleevi:
>>> If your site requires a client certificate, and you know that a client
>>> certificate is stored in a smart card, then you also know that when
>>> us
On Fri, September 27, 2013 4:09 pm, Eddy Nigg wrote:
> On 09/28/2013 01:59 AM, From Ryan Sleevi:
> > If your site requires a client certificate, and you know that a client
> > certificate is stored in a smart card, then you also know that when
> > using
> > Firefox, and the smart card is removed,
On Fri, September 27, 2013 4:09 pm, Eddy Nigg wrote:
> On 09/28/2013 01:59 AM, From Ryan Sleevi:
> > If your site requires a client certificate, and you know that a client
> > certificate is stored in a smart card, then you also know that when
> > using
> > Firefox, and the smart card is removed,
On 09/28/2013 01:59 AM, From Ryan Sleevi:
If your site requires a client certificate, and you know that a client
certificate is stored in a smart card, then you also know that when using
Firefox, and the smart card is removed, Firefox will invalidate that
SSL/TLS session.
Not really - except in
On Fri, September 27, 2013 3:46 pm, Eddy Nigg wrote:
> On 09/28/2013 12:45 AM, From Ryan Sleevi:
> > NSS already performs checking that the given smart card used to
> > authenticate is present whenever encrypting or decrypting data. This
> > includes cached session resumption as well.
>
> Not SSL
On 09/28/2013 12:45 AM, From Ryan Sleevi:
NSS already performs checking that the given smart card used to
authenticate is present whenever encrypting or decrypting data. This
includes cached session resumption as well.
Not SSL session of course, but on the web application layer.
If you're not
On Fri, September 27, 2013 2:22 pm, Eddy Nigg wrote:
> On 09/27/2013 11:52 PM, From Ryan Sleevi:
> > Let me try it differently: What actions do you take on this information?
>
> Terminating a current session or triggering authentication to a new
> session.
When you define session, what do you m
On Mon, 2013-09-16 at 22:47 +0200, Kai Engert wrote:
> DetecTor is an open source project to implement client side SSL/TLS MITM
> detection, compromised CA detection and server impersonation detection,
> by making use of the Tor network.
The integration of transparent client side probing into the
On 09/27/2013 11:52 PM, From Ryan Sleevi:
Let me try it differently: What actions do you take on this information?
Terminating a current session or triggering authentication to a new session.
As far as I know, IE doesn't provide the smart card insertion/removal
events, except perhaps through
On Fri, September 27, 2013 1:35 pm, Eddy Nigg wrote:
> On 09/27/2013 08:52 PM, From Ryan Sleevi:
> >
> > How do you deal with this in other browsers?
>
> Well, I don't...so far :-)
>
> However I'm aware of similar capabilities with IE.
>
> > What are the specific features that you need?
>
> Det
On 09/27/2013 08:52 PM, From Ryan Sleevi:
How do you deal with this in other browsers?
Well, I don't...so far :-)
However I'm aware of similar capabilities with IE.
What are the specific features that you need?
Detection of smart card removal or insertion.
Can you think of other ways th
On Fri, September 27, 2013 10:29 am, Eddy Nigg wrote:
> On 09/27/2013 08:12 PM, From Brian Smith:
> > My question is not so much "Is anybody using this functionality" but
> > rather "What really terrible things, if any, would happen if we
> > removed them?"
>
> We might have to look for alternati
On 09/27/2013 08:12 PM, From Brian Smith:
My question is not so much "Is anybody using this functionality" but
rather "What really terrible things, if any, would happen if we
removed them?"
We might have to look for alternatives because when the card is removed
or inserted with can trigger se
On Fri, Sep 27, 2013 at 2:31 AM, Eddy Nigg wrote:
> On 09/27/2013 02:29 AM, From Brian Smith:
>
>> I have met with several members of our DOM and web API teams and we've
>> tentatively agreed that we should remove these functions if at all
>> possible--as soon as 2014Q1. That is, we're hoping to r
On Thu, 2013-09-26 at 16:29 -0700, Brian Smith wrote:
> On Mon, Apr 8, 2013 at 2:52 AM, helpcrypto helpcrypto
> wrote:
> >
> > While awaiting to http://www.w3.org/TR/WebCryptoAPI/ Java applets for
> > client signning, signText and are needed.
> > Also things like Handling smart card events or Lo
Brian Smith schrieb:
> Yes, I am interested in hearing why you think we cannot remove these
> functions.
Well, it would be nice to have an alternative API. If you force us to
move from signText to some other stuff outside Firefox, I'll doubt we'll
switch to WebCryptoAPI again... .
http://www.w3.
On 09/27/2013 02:29 AM, From Brian Smith:
I have met with several members of our DOM and web API teams and we've
tentatively agreed that we should remove these functions if at all
possible--as soon as 2014Q1. That is, we're hoping to remove all of
window.crypto.* except getRandomValues, and all
18 matches
Mail list logo
