On Feb 11, 2008, at 8:28 AM, Philipp Gühring wrote:
I had the feeling that Microsoft wants to abandon the usage of client
certificates completely, and move the people to CardSpace instead.
But how do you sign your emails with CardSpace? CardSpace only does
the
realtime authentication part of the market ...
We (Morgan Stanley) were able to pressure them into a rapid fix, and
they have committed to delivering it in SP1. Keep your fingers crossed.
If anyone needs more information how to upgrade your Web-based CA
for IE7:
http://wiki.cacert.org/wiki/IE7VistaSource
Step (2), "On Vista you have to add this website to the list of
trusted sites in the internet-settings." can be quite unpalatable.
Depending on your customers' situations, an alternative might be more
palatable: Generate the key and deliver a PKCS#12.
This depends on whether you believe in the non-repudiation fairy or
not -- or more accurately, whether you're already assuming the
repudiation risk.
-wps
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
