Re: Security-Critical Information (i.e. Private Key) transmitted by Firefox to CA (i.e. Thawte) during X.509 key/cert generation

about this. But those folks don't participate in this mailing list/newsgroup, so you'll have to ask the question elsewhere to get such an answer. Who else would you propose asking ? Thanky you, 2009/1/10 Robert Relyea rrel...@redhat.com Fost1954 wrote: Bob wrote: So it turns out even

Re: Security-Critical Information (i.e. Private Key) transmitted by Firefox to CA (i.e. Thawte) during X.509 key/cert generation

Bob wrote: So it turns out even with crmf, escrow does not happen quietly. If the CA requests a key be escrowed, the user is notified: Sorry, Bob, but it becomes too technical for my knowledge, I do not know what crmf is, nor do I know what tokens etc.are, so speaking honestly: I do not

Re: Security-Critical Information (i.e. Private Key) transmitted by Firefox to CA (i.e. Thawte) during X.509 key/cert generation

Is there anybody to answer to my/Kaspar Band's statement below, as to get a final clarification ?: 1. Is there a dev-tech-crypto / Firefox developer/programmer who wants to confirm Kaspar Band's idea that running Firefox in Safe Mode when generating the key as well as requesting the Certificate

Re: Security-Critical Information (i.e. Private Key) transmitted by Firefox to CA (i.e. Thawte) during X.509 key/cert generation

by ourself. But the latter is not subject of discussion, I believe...) Thank you, 2008/12/31 Kaspar Brand m...@velox.ch Fost1954 wrote: 1. Can I spread the message into the world that Running Firefox in Safe Mode when generating the key as well as requesting the Certificate with Thawte

Re: Security-Critical Information (i.e. Private Key) transmitted by Firefox to CA (i.e. Thawte) during X.509 key/cert generation

2008/12/29 Kaspar Brand m...@velox.ch Nelson B Bolyard wrote: Fost1954 wrote, On 2008-12-27 06:54: My personal question: Is this warning dialog really ALWAYS the case ? I think the question is: is there any way for a web site to suppress that dialog? [...] But it's relatively easy

Re: Security-Critical Information (i.e. Private Key) transmitted by Firefox to CA (i.e. Thawte) during X.509 key/cert generation

2008/12/28 Nelson B Bolyard nel...@bolyard.me I think the question is: is there any way for a web site to suppress that [private key transmission warning-] dialog? Yes: this should be the point. Having the certainty, that a warning dialog cannot be suppressed when a private key is to be

Re: Security-Critical Information (i.e. Private Key) transmitted by Firefox to CA (i.e. Thawte) during X.509 key/cert generation

Thank you: […] Unfortunately Thawte's enrollment interface does not work without Javascript. […]Thawte could silently change the behaviour of the cert enrollment web interface. […] to be 100% sure [the private key is not transferred] you have to check that every time you go through this process.

Security-Critical Information (i.e. Private Key) transmitted by Firefox to CA (i.e. Thawte) during X.509 key/cert generation

Dear Firefox Developers, I understand that this should be the right place to ask: Using Firefox we would like to generate Thawte X.509 E-Mail Certificates. When generating the Private/Public key pair using Firefox as well as requesting the certificate, we are logged in on the Thawte Website.