On 3. 2. 2011 9:21, Anders Rundgren wrote:
Matej Kurpel wrote:
On 2. 2. 2011 13:37, Gervase Markham wrote:
On 01/02/11 18:08, Matej Kurpel wrote:
@Q4: I am doing this as my diploma thesis, it works for Windows Mobile
phones/PDAs and is tested with Firefox and Thunderbird. Certificate
login works fine in Firefox.
Can you tell us a bit more about this?
How does what you are doing compare to http://motp.sourceforge.net/?
Gerv
My solution is completely different - mobile phone acts as an
ordinary cryptographic token - it contains private/public keys and
personal certificates. You just install a PKCS#11 module in Firefox
and set up an application on your mobile phone and are ready to go.
Private keys are encrypted and a passphrase is asked for everytime
the use of private key is requested.
That's the REAL STUFF! Virtual "cards" and PIN-code terminal in one
unit. What's missing are standards including on-line provisioning of
keys.
Long-term I believe credential selection will move to the phone
which though requires an entirely different mechanism than PKCS #11.
Out of curiosity - why a different mechanism than PKCS#11? Is there
anything other than CryptoAPI from M$?
A. Rundgren
M. Kurpel
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
