Anders Rundgren wrote: > Hi Crypto-Mozillians, > > I wonder if any of you guys have any interests in making Mozilla > setting the standard for on-line signing (a.k.a. WebSign)?
I'm not sure if it's a suitable alternative, but one of the authentication schemes built into browsers etc, allows you to authenticate to websites via x509 client certificates, and you don't need to have any modifications made to browser or server software to achieve it. We use this method verified against our root certificate + trapping the certificate serial number (which we can match against our internal database) to allow people to log into our website without needing a password. Ideally if you used some kind of pin number in conjunction with removable hardware this is a better option as you reduce risks etc... Sample of php code can be found on our website that utilises this feature. -- Best regards, Duane http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers "In the long run the pessimist may be proved right, but the optimist has a better time on the trip." _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
