On Friday, October 10, 2014 7:41:38 AM UTC+2, Anders Rundgren wrote: > IMO, you can't build a modern mobile OS using a cryptographic platform which > is 20 years old. > > > > NSS was designed when externally provisioned smart cards were [anticipated to > be] the norm. > > > > Modern mobile OSes have embedded security hardware which NSS's cousin > "keygen" doesn't address in a useful (=like Google's U2F) way. > > > > Unlike Android and iOS, Firefox doesn't offer (AFAIK) a rich OS with access > to secure keys. That may not be necessary either since W3C's WebCrypto could > (in an extended version NB...), provide such functionality. > > > > For an example of what such an architecture could offer, take a peek at: > > http://webpki.org/papers/PKI/EMV-Tokenization-SET-3DSecure-WebCryptoPlusPlus-combo.pdf#page=4 > > > > > Anders
http://webpki.org/papers/SKS-KeyGen2_FullStack.pdf _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
