cant".
Anders
- Original Message -
From: "Eddy Nigg"
Newsgroups: mozilla.dev.tech.crypto
To:
Sent: Thursday, June 04, 2009 20:52
Subject: Re: Smart cards and the element
On 06/04/2009 09:40 PM, Anders Rundgren:
> A guesstimate is that less than 1 out of 10 000 smar
A guesstimate is that less than 1 out of 10 000 smart cards actually
are provisioned with . There are two reasons for that:
1. does not support the information/processes involved
2. current smart cards are unsuitable for on-line provisioning by end-users
Due to this smart cards are general
it is fairly clear that standardization takes too long time, is riddled
by politics, and very often lacks real-world testing. XKMS is an example of a
standard that failed on the market in spite of being supported by all he big
guns. Open design, free code, and a community seems to be the most realistic
way ahead.
Anders Rundgren
per.mozilla.org/en/GenerateCRMFRequest
please give drop me a line :-)
Anders
- Original Message -
From: "Jonas Sicking"
To: "Anders Rundgren"
Cc: ; "Nelson B Bolyard" ;
Sent: Friday, April 17, 2009 23:16
Subject: Re: [whatwg] The element
On Thu, Ap
"Nelson B Bolyard" wrote [to the WHATWG list]:
>I think that the KEYGEN tag's attributes could be extended to accept all
>the arguments that can be passed to crypto.generateCRMFRequest, quite easily.
Yes, but the crypto.* functions could be extended to do things you would never
be able to do in
lt that
needed a successor.
If WHATWG took to for example IETF-PKIX, a *real' standardization
effort on this minor feature could easily take 2-3 years to complete!
Regards
Anders Rundgren
at is possible.
HTML5 looks great but I think you should stick to page layout and leave
protocols either to JavaScript or to some other extension mechanism.
Regards
Anders Rundgren
http://keycenter.webpki.org
Digital signatures is as you say just a variation of authentication. The things
that the DS people wants to add are:
- A "process" that differs from authentication from the user's point of view
- A persistent trace of the authenticated operation. This is what the signature
adds to the picture.
ure, I
would be happy to get a copy.
Anders
- Original Message -
From: "Channy Yun" <[EMAIL PROTECTED]>
To: "Anders Rundgren" <[EMAIL PROTECTED]>
Cc:
Sent: Tuesday, October 31, 2006 19:24
Subject: Re: [whatwg] Browser Signature Standards Proposal
Anders an
>> >The use of proprietary mechanisms (mostly ActiveX controls) for
>> >digital signatures is common in Korean sites as well, including
>> >Korean government sites.
>> That's right. They sure are proprietary; I was not even able to get
>> the Korean e-goverment signature spec since it is "secret"!
ActiveX controls) for
>digital signatures is common in Korean sites as well, including
>Korean government sites.
That's right. They sure are proprietary; I was not even able to get
the Korean e-goverment signature spec since it is "secret"!
Anders Rundgren
to that is that this
is only happening in the EU which in this particular space is roughly
5 years ahead of the US government and financial industry.
Anders Rundgren
- Original Message -
From: "Lachlan Hunt" <[EMAIL PROTECTED]>
To: "whatwg" <[EMAIL PROTECT
asked for a
revocation list, they don't ever know what user it was who was trying to
access the site.
The issue with a federated log on is you must log on and log off from
the federation site. Sites have to check with that site to see if your
token is valid or not, so any token based auth
Pardon,
I hope that you read the rest in spite of the fact that I screw-up already in
the subject line. :-(
Please correct the spelling in answer threads.
Anders
- Original Message -
From: "Anders Rundgren" <[EMAIL PROTECTED]>
To:
Cc: "Sam Hartman" <[EMA
nce it is already in
place.
There is no problem [at all] of having a mechanism [in the proposed scheme]
that switches from form-based authentication to transport-level authentication
like using TLS-client-certificates, while the opposite is impossible.
Sincerely
Anders Rundgren
tious about
neglecting the [perceived] needs of the [somewhat uneducated] mainstream.
Fools may turn out as pretty good buyers!
thanx,
Anders Rundgren
Developer of legacy apps, but for the web
- Original Message -
From: "Charles McCathieNevile" <>
To: "Matthew
>> But it is very hard to create certain types of applications without
>> having modal dialogs.
>That does not mean modal dialogs were a good idea, ever.
Christoph,
You are free to not use modal dialog in *your* applications.
You are also free to support end-users when windows magically "dis
http://webpki.org/WASP-specifications-2006-08-26.zip
There is [much] more if somebody is interested.
Anders Rundgren
re important than
if a feature is absolutely "right" or "wrong".
Sincerely
Anders Rundgren
19 matches
Mail list logo