Fost1954 wrote, On 2008-12-27 06:54: > *_With other words (adapted from N. Bolyard):_* > > "b) Is there any way for a Firefox user to detect that his CA has requested > [the] private key [to be transmitted] ?" > > _Possible Answer by Kaspar Band: _ "...an "Encryption Key Copy" warning > dialog will be presented". > > My personal question: Is this warning dialog really ALWAYS the case ?
I think the question is: is there any way for a web site to suppress that dialog? > "c) When requesting a certificate from a CA, what can a Firefox user do to > prevent [transmission] of the newly generated private key?" > Possible Answer by kaspar Band: > > "Not too difficult to achieve, actually. Just add this line to your > prefs.js:[...] I think Kaspar's suggestion will disable the use of crypto.generateCRMFRequest entirely, not just for the case where key escrow has been requested. Is that right Kaspar? In any case, as long as the warning dialog cannot be suppressed, then I think it is both necessary and sufficient to address Fost's concerns. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
