Ryan Hurst via dev-security-policy <dev-security-policy@lists.mozilla.org> 
writes:

>Unfortunately, the PKCS#12 format, as supported by UAs and Operating Systems
>is not a great candidate for the role of carrying keys anymore. You can see
>my blog post on this topic here: http://unmitigatedrisk.com/?p=543

It's even worse than that; I use it as my teaching example of how not to
design a crypto standard:

https://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html

In other words, its main function is as a broad-spectrum antipattern that you
can use for teaching purposes.

>The core issue is the use of old cryptographic primitives that barely live up
>to the equivalent cryptographic strengths of keys in use today. The offline
>nature of the protection involved also enables an attacker to grind any value
>used as the password as well.

That, and about five hundred other issues.  An easier solution would be to use
PKCS #15, which dates from roughly the same time as #12 but doesn't have any
of those problems (PKCS #12 only exists because it was a political compromise
created to appease Microsoft, who really, really wanted everyone to use their
PFX design).

Peter.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy