On Tue, Sep 14, 2010 at 13:29, Ian G <i...@systemics.com> wrote:
> On 14/09/10 2:26 PM, Marsh Ray wrote:
>>
>> On 09/13/2010 07:24 PM, Ian G wrote:
>
>>> 1. In your initial account creation / login, trigger a creation of a
>>> client certificate in the browser.
>>
>> There may be a way to get a browser to generate a cert or CSR, but I
>> don't know it. But you can simply generate it at the server side.
>
> Just to be frank here, I'm also not sure what the implementation details are
> here.  I somewhat avoided implementation until it becomes useful.

The French government has been doing this using Java applets for the
last decade (at least). This allows the happy French tax payers to
generate their own CSRs and have them automatically signed by the tax
administration in one swoop.

This might be the only large scale deployment of client-side
certificates in browsers I know of. (And I'd certainly like to hear
about others.)

--
Erwan Legrand

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to