Bill Squier
Thu, 14 Feb 2008 14:41:02 -0800
On Feb 11, 2008, at 8:28 AM, Philipp Gühring wrote:
I had the feeling that Microsoft wants to abandon the usage of client certificates completely, and move the people to CardSpace instead.But how do you sign your emails with CardSpace? CardSpace only does therealtime authentication part of the market ...
We (Morgan Stanley) were able to pressure them into a rapid fix, and they have committed to delivering it in SP1. Keep your fingers crossed.
If anyone needs more information how to upgrade your Web-based CA for IE7:http://wiki.cacert.org/wiki/IE7VistaSource
Step (2), "On Vista you have to add this website to the list of trusted sites in the internet-settings." can be quite unpalatable. Depending on your customers' situations, an alternative might be more palatable: Generate the key and deliver a PKCS#12.
This depends on whether you believe in the non-repudiation fairy or not -- or more accurately, whether you're already assuming the repudiation risk.
-wps --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]