Matej Kurpel wrote:
On 2. 2. 2011 13:37, Gervase Markham wrote:
On 01/02/11 18:08, Matej Kurpel wrote:
@Q4: I am doing this as my diploma thesis, it works for Windows Mobile
phones/PDAs and is tested with Firefox and Thunderbird. Certificate
login works fine in Firefox.
Can you tell us a bit more about this?
How does what you are doing compare to http://motp.sourceforge.net/?
Gerv
My solution is completely different - mobile phone acts as an ordinary
cryptographic token - it contains private/public keys and personal
certificates. You just install a PKCS#11 module in Firefox and set up an
application on your mobile phone and are ready to go. Private keys are
encrypted and a passphrase is asked for everytime the use of private key
is requested.
That's the REAL STUFF! Virtual "cards" and PIN-code terminal in one
unit. What's missing are standards including on-line provisioning of
keys.
Long-term I believe credential selection will move to the phone
which though requires an entirely different mechanism than PKCS #11.
A. Rundgren
M. Kurpel
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto