Ian Grigg wrote:
If users find that dealing with Mozilla products is difficult, they are far more likely to either not deal with the product, or not set it up to use keys at all. Hence, they have lost any security benefit, and only the very few who go through the trouble and jump through all the security hoops to use the more difficult tools will enjoy any protection.
But this is a double-edged sword: the easier you make security, the less likely good security will be used, defeating potentially all benefit in having it in the first place. Good security isn't about making things as easy as possible; this merely has the effect of making people complacent. What's most needed is good documentation on why things are done the way they are done, and good flow in the user interface so as to reduce confusion. Make education easier, not necessarily the technical side of security, or you make it almost as useless as not having it.
This was more a comment in general.
As for OpenSSL private keys, my understanding was you could still have the key encrypted with RSA encryption, but yet stored in 7-bit ASCII instead of binary.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
