On 09/27/2013 02:29 AM, From Brian Smith:
I have met with several members of our DOM and web API teams and we've
tentatively agreed that we should remove these functions if at all
possible--as soon as 2014Q1. That is, we're hoping to remove all of
window.crypto.* except getRandomValues, and
Brian Smith schrieb:
Yes, I am interested in hearing why you think we cannot remove these
functions.
Well, it would be nice to have an alternative API. If you force us to
move from signText to some other stuff outside Firefox, I'll doubt we'll
switch to WebCryptoAPI again... .
On Thu, 2013-09-26 at 16:29 -0700, Brian Smith wrote:
On Mon, Apr 8, 2013 at 2:52 AM, helpcrypto helpcrypto
helpcry...@gmail.com wrote:
While awaiting to http://www.w3.org/TR/WebCryptoAPI/ Java applets for
client signning, signText and keygen are needed.
Also things like Handling smart
On 09/27/2013 08:12 PM, From Brian Smith:
My question is not so much Is anybody using this functionality but
rather What really terrible things, if any, would happen if we
removed them?
We might have to look for alternatives because when the card is removed
or inserted with can trigger
On Fri, September 27, 2013 10:29 am, Eddy Nigg wrote:
On 09/27/2013 08:12 PM, From Brian Smith:
My question is not so much Is anybody using this functionality but
rather What really terrible things, if any, would happen if we
removed them?
We might have to look for alternatives because
On 09/27/2013 08:52 PM, From Ryan Sleevi:
How do you deal with this in other browsers?
Well, I don't...so far :-)
However I'm aware of similar capabilities with IE.
What are the specific features that you need?
Detection of smart card removal or insertion.
Can you think of other ways
On Fri, September 27, 2013 1:35 pm, Eddy Nigg wrote:
On 09/27/2013 08:52 PM, From Ryan Sleevi:
How do you deal with this in other browsers?
Well, I don't...so far :-)
However I'm aware of similar capabilities with IE.
What are the specific features that you need?
Detection of
On 09/27/2013 11:52 PM, From Ryan Sleevi:
Let me try it differently: What actions do you take on this information?
Terminating a current session or triggering authentication to a new session.
As far as I know, IE doesn't provide the smart card insertion/removal
events, except perhaps through
On Mon, 2013-09-16 at 22:47 +0200, Kai Engert wrote:
DetecTor is an open source project to implement client side SSL/TLS MITM
detection, compromised CA detection and server impersonation detection,
by making use of the Tor network.
The integration of transparent client side probing into the
On Fri, September 27, 2013 2:22 pm, Eddy Nigg wrote:
On 09/27/2013 11:52 PM, From Ryan Sleevi:
Let me try it differently: What actions do you take on this information?
Terminating a current session or triggering authentication to a new
session.
When you define session, what do you mean
On 09/28/2013 12:45 AM, From Ryan Sleevi:
NSS already performs checking that the given smart card used to
authenticate is present whenever encrypting or decrypting data. This
includes cached session resumption as well.
Not SSL session of course, but on the web application layer.
If you're
On Fri, September 27, 2013 3:46 pm, Eddy Nigg wrote:
On 09/28/2013 12:45 AM, From Ryan Sleevi:
NSS already performs checking that the given smart card used to
authenticate is present whenever encrypting or decrypting data. This
includes cached session resumption as well.
Not SSL session
On 09/28/2013 01:59 AM, From Ryan Sleevi:
If your site requires a client certificate, and you know that a client
certificate is stored in a smart card, then you also know that when using
Firefox, and the smart card is removed, Firefox will invalidate that
SSL/TLS session.
Not really - except
On Fri, September 27, 2013 4:09 pm, Eddy Nigg wrote:
On 09/28/2013 01:59 AM, From Ryan Sleevi:
If your site requires a client certificate, and you know that a client
certificate is stored in a smart card, then you also know that when
using
Firefox, and the smart card is removed, Firefox
On Fri, September 27, 2013 4:09 pm, Eddy Nigg wrote:
On 09/28/2013 01:59 AM, From Ryan Sleevi:
If your site requires a client certificate, and you know that a client
certificate is stored in a smart card, then you also know that when
using
Firefox, and the smart card is removed, Firefox
On 09/27/2013 05:01 PM, Ryan Sleevi wrote:
On Fri, September 27, 2013 4:09 pm, Eddy Nigg wrote:
On 09/28/2013 01:59 AM, From Ryan Sleevi:
If your site requires a client certificate, and you know that a client
certificate is stored in a smart card, then you also know that when
using
On Fri, September 27, 2013 5:51 pm, Robert Relyea wrote:
On 09/27/2013 05:01 PM, Ryan Sleevi wrote:
On Fri, September 27, 2013 4:09 pm, Eddy Nigg wrote:
On 09/28/2013 01:59 AM, From Ryan Sleevi:
If your site requires a client certificate, and you know that a client
certificate is
17 matches
Mail list logo