I am trying to mimic the handling of Certificates commonly seen in browsers such as Mozilla - where the certificate is imported into a certificate manager given a password. However, as the user requires the certificate in any future sessions, the password is not needed in order to authenticate themselves with a given site. Now I'm still trying to get a grasp of PKI technology, but I'm assuming the browsers are just creating a keystore with a password that is required prior to importing. But what allows the user to access the keystore without needing a password to later retrieve the certificate for authentication. Thanks for any explanations you might have.
_______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
