On-line certification in browsers ========================= Keygen is a poorly documented Netscape "relic" that do not support things like - Key export policies - PIN-code policies - Key container PoP as well as not offering an integrated mode for the entire key-gen to cert-download process. The latter becomes particularly ugly when different keys are deployed for encryption, authentication and digital signatures.
Xenroll is Microsoft's proprietary scheme which is considerably more advanced than keygen but still depends on MS-only stuff. Due to this a number of larger CAs have excluded both of these schemes in favor for proprietary but still cross-browser-usable schemes based on Java applets. Question: Is there anybody on this that would be interested in creating a new scheme that could gradually replace the dated schemes above? You may want to look at a recent counterpart for OTP tokens: http://www.rsasecurity.com/rsalabs/node.asp?id=2817 Compared to PKCS #10 and CRMF, CT-KIP is: 1. XML based 2. Multi pass That is, revising existing RFCs is not likely to be a good idea since on-line certification needs multi-pass protocols in order to support users with limited, or no knowledge of PKI. Certificate renewal also requires multi-pass including an atomic replacement operation. A difference with on-line certification schemes compared to for example the creation of web-server certificates is that in the former case the CA is usually the originator of all vital information including key length, subject DN etc. This is principally about the opposite of PKCS #10 and CRMF. So IMHO a new CSR scheme should [at least] allow the CA to define - key length and type - PIN/passphrase policy - key export policy - All but the public key of the EE certificate(s) to be generated As well as optionally requiring HW key container PoP & ID. The goal must be to eliminate as much as possible, any requirements on the user regarding answering questions that they would never have to bother with if they got a token distributed in a physical form, while still providing for a secure process. It should also support TPMs which are just around the corner. Anders Rundgren _______________________________________________ mozilla-crypto mailing list mozilla-crypto@mozilla.org http://mail.mozilla.org/listinfo/mozilla-crypto