Re: My shy certificate

2006-08-10 Thread Nelson Bolyard
Dave Pinn wrote: > I need to clarify something: there are two states in which I can have my > notebook (the one with the TPM): > > 1. Certificates directly (via ProtectTools import function) and fully > (the icons indicate that private keys are available) imported into the > TPM. This is the state

Re: My shy certificate

2006-08-10 Thread Nelson Bolyard
Peter Djalaliev wrote: > Nelson Bolyard wrote: > >> You generated the key pair on a PC that didn't have the TPM chip. >> So the private key couldn't have been generated in the TPM chip, >> and when you generated it, mozilla (FF/TB/SM) didn't ask you which >> device you wanted to use to generate th

Re: My shy certificate

2006-08-10 Thread Nelson Bolyard
Peter Djalaliev wrote: > ftp://ftp.compaq.com/pub/products/security/embedded_security_-_implementation.pdf > > ...and as the ProtectTools implementation white-paper explains, their > Embeded Security Manager uses the TPM to create wrapping keys, which > are then used to encrypt the private keys of

RE: OCSP/CRL handling in Firefox

2006-08-10 Thread Krall, Gary
Nelson B Bolyard wrote: > On a related topic, perhaps you can speak to whether Verisign still considers > Alex Deacon's bug report https://bugzilla.mozilla.org/show_bug.cgi?id=234129 > to be an issue? I spoke with Alex this morning and yes he feels that this is still a bug and should be fixed.

Re: My shy certificate

2006-08-10 Thread Dave Pinn
Thanks for doing some research on this, Peter. I am comforted by the participation of several dedicated and generous souls in the investigation of this problem. It is currently 9:20 pm here in Sydney; I will attempt to contact a techie at HP tomorrow, to see if I can get some answers. I post

Re: My shy certificate

2006-08-10 Thread Peter Djalaliev
ftp://ftp.compaq.com/pub/products/security/embedded_security_-_implementation.pdf ...and as the ProtectTools implementation white-paper explains, their Embeded Security Manager uses the TPM to create wrapping keys, which are then used to encrypt the private keys of the user. The wrapped keys are

Re: My shy certificate

2006-08-10 Thread Peter Djalaliev
More information on how the TPM enables protected storage can be found starting on p. 145 of the TCPA specification (v. 1.1): https://www.trustedcomputinggroup.org/specs/TPM/TCPA_Main_TCG_Architecture_v1_1b.pdf Regards, Peter ___ dev-tech-crypto mailin

Re: My shy certificate

2006-08-10 Thread Peter Djalaliev
More information on how the TPM enables protected storage can be found starting on p. 145 of the TCPA specification (v. 1.1): https://www.trustedcomputinggroup.org/specs/TPM/TCPA_Main_TCG_Architecture_v1_1b.pdf Regards, Peter ___ dev-tech-crypto mailin

Re: My shy certificate

2006-08-10 Thread Peter Djalaliev
Nelson Bolyard wrote: > You generated the key pair on a PC that didn't have the TPM chip. > So the private key couldn't have been generated in the TPM chip, > and when you generated it, mozilla (FF/TB/SM) didn't ask you which > device you wanted to use to generate the keypair because, on that > m

Re: My shy certificate

2006-08-10 Thread Dave Pinn
Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\>certutil -L -h "Embedded Security Chip" -d X:/ThunderbirdProfile Enter Password or Pin for "Embedded Security Chip": Embedded Security Chip:David Michael Pinn's eSign Australia ID u,u,u Embedded Security Chip:Davi

Re: My shy certificate

2006-08-10 Thread Nelson B
Dave Pinn wrote: > I need to clarify something: there are two states in which I can have my > notebook (the one with the TPM): > > 1. Certificates directly (via ProtectTools import function) and fully > (the icons indicate that private keys are available) imported into the > TPM. This is the state

Re: My shy certificate

2006-08-10 Thread Dave Pinn
I need to clarify something: there are two states in which I can have my notebook (the one with the TPM): 1. Certificates directly (via ProtectTools import function) and fully (the icons indicate that private keys are available) imported into the TPM. This is the state in which I found my mach