IMO, you can't build a modern mobile OS using a cryptographic platform which is 20 years old.
NSS was designed when externally provisioned smart cards were [anticipated to be] the norm. Modern mobile OSes have embedded security hardware which NSS's cousin "keygen" doesn't address in a useful (=like Google's U2F) way. Unlike Android and iOS, Firefox doesn't offer (AFAIK) a rich OS with access to secure keys. That may not be necessary either since W3C's WebCrypto could (in an extended version NB...), provide such functionality. For an example of what such an architecture could offer, take a peek at: http://webpki.org/papers/PKI/EMV-Tokenization-SET-3DSecure-WebCryptoPlusPlus-combo.pdf#page=4 Anders _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
