Your subject, "time to dump NSS", intimately affects NSS developers who will have to worry about replacing all the things NSS does for us before they can even start to think about the additional concepts.
If you're proposing a mechanism that can live on the side without actually dumping NSS then I suppose we can discuss it elsewhere, but if it involves cryptography (how could it not?) then the tech.crypto group is the one the people who know about cryptography participate in. There are several (sometimes competing) efforts within the W3 and IETF to create standards around concepts like key management. We're unlikely to implement a solution that doesn't get buy-in from other browser and server makers in that kind of forum. -Dan Veditz -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto