Wan-Teh Chang wrote:
Does anyone know why HTML5 specifies must use the
md5WithRSAEncryption signature algorithm? Was the use of MD5
discussed when was standardized in HTML5?
Eddy, does your CA accept a SignedPublicKeyAndChallenge (SPKAC)
structure signed using sha1WithRSAEncryption?
Wan-Teh
Does anyone know why HTML5 specifies must use the
md5WithRSAEncryption signature algorithm? Was the use of MD5
discussed when was standardized in HTML5?
Eddy, does your CA accept a SignedPublicKeyAndChallenge (SPKAC)
structure signed using sha1WithRSAEncryption?
Wan-Teh
--
dev-tech-crypto mai
Since "keygen" & Co do not support smart cards in a reasonable way
except for the creation of "administrator cards", I have played
with something that is more in line with how *real* card management
systems work while still using a browser. The following is an
approximation of how this scheme.
A
Anders,
On Mar 30, 10:57 pm, Anders Rundgren
wrote:
>
> Good to hear, thanx.
>
> Doesn't that also mean that anybody can enumerate your CSPs without your
> knowledge?
no, IE still says "The site is attempting to perform a certificate
operation, allow (yes/no)" when enumerating the CSPs. The onl
Thomas Zangerl wrote:
On Mar 30, 12:53 pm, Anders Rundgren
wrote:
It might be interesting to note how this works in MSIE since few
CAs can completely ignore MSIE even if they wanted to:
"" a la Microsoft:
It starts by the poor user trying to get the enroll ActiveX object
to run *by reducing s
On Mar 30, 4:39 pm, Thomas Zangerl wrote:
> to do it (can be painful) and it create standard PKCS#7 CSRs. Keygen
I meant "creates PKCS#10 CSRs". Need more coffee :)
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
On Mar 30, 12:53 pm, Anders Rundgren
wrote:
> It might be interesting to note how this works in MSIE since few
> CAs can completely ignore MSIE even if they wanted to:
>
> "" a la Microsoft:
>
> It starts by the poor user trying to get the enroll ActiveX object
> to run *by reducing security until
On 03/30/2010 01:53 PM, Anders Rundgren:
It might be interesting to note how this works in MSIE since few
CAs can completely ignore MSIE even if they wanted to:
The solution is really to define one standard, if that's keygen, so
long...preferable it should be fairly simply with few flags poss
On Mar 30, 12:23 pm, Jean-Marc Desperrier wrote:
> The most adequate group for this discussion would be mozilla.dev.tech.crypto
>
> I agree than enhancing generateCRMFRequest to let it generate a more
> usual format instead of only CRMF would be a big step forward.
>
> And making more obvious that
It might be interesting to note how this works in MSIE since few
CAs can completely ignore MSIE even if they wanted to:
"" a la Microsoft:
It starts by the poor user trying to get the enroll ActiveX object
to run *by reducing security until it starts*.
Most people fail already at this stage.
Th
Eddy Nigg wrote:
On 03/30/2010 01:23 PM, Jean-Marc Desperrier:
And making more obvious that keygen is not a good long term solution
is a very good thing.
Only in case the alternative will be supported by all or most browsers.
The original message shows that the fact keygen imposes a text of
On 03/30/2010 01:23 PM, Jean-Marc Desperrier:
And making more obvious that keygen is not a good long term solution
is a very good thing.
Only in case the alternative will be supported by all or most browsers.
Regards
Signer: Eddy Nigg, StartCom Ltd.
XMPP:start...@startcom.org
Blog:
The most adequate group for this discussion would be mozilla.dev.tech.crypto
I agree than enhancing generateCRMFRequest to let it generate a more
usual format instead of only CRMF would be a big step forward.
And making more obvious that keygen is not a good long term solution is
a very good
13 matches
Mail list logo
