This mail is my plea for the fastest possible integration into Mozilla of the patch made by kaie related to formsigning support. crypto.signText() is function that existed in Netscape Navigator 4.x that disappeared in Mozilla leaving only a short mail from Stephane Saux (http://www.mail-archive.com/[EMAIL PROTECTED]/msg03023.html). There's a patch in bugzilla #29152 "[feature] Cannot do formsigning" (http://bugzilla.mozilla.org/show_bug.cgi?id=29152). I tested it and as far as I can tell, it works.
Why does this function and why do we need it ? This function allows to build applications with "non-repudiation", providing the user with a mean to sign information using a X509 certificate. Without this function you'd need to have some kind of native plug-in or some Java applet with JNI which is a big task to create and maintain. Compared to Internet Explorer with CAPICOM, Mozilla support would look tremendously expensive and therefore most likely dropped. Should the Mozilla team care about integrating now a feature that might have limited use in the very short term ? I'll admit that secure web applications with digital signature are not common this days. But these solutions are being designed and developped today and if Mozilla isn't on the first train, I think it will be playing catch-up for a long time. signText() might look like a limited API, but it provides an atomic feature that is very difficult to obtain otherwise: - the user sees the text he is supposed to sign, - the signature can be provided by a hardware or software token, - the signature is a concrete proof of a user's intent. I'm not saying that after signText() is added all the problems will be solved. In fact it will probably spark the need for other new cryptographic features. I've looked at a lot of documentation and code about NSS and PSM, and I was frustrated to see that all these treasures were not accessible : not in Javascript and probably not in XUL either (I'm not totally sure about XUL, but I didn't find any documentation or code that would suggest it is possible). Changing that might take a long time to unfold, but in the mean time you'd still have signText() to rely on. Sincerely, -- Mathias Brossard <[EMAIL PROTECTED]>
