Re: Do I need to give NSS random data?

2007-09-12 Thread Nelson Bolyard
Dave Townsend wrote:
> I'm writing code that generates a cryptographic key pair. I have
> basically followed the implementation in certutil which gathers some
> random data from the keyboard and passes it to PK11_RandomUpdate.
> However a few people are suggesting that NSS uses fairly good sources

Re: Generate Certification Request in PKCS#10 format from Browsers based on Mozilla

2007-09-12 Thread Subrata Mazumdar
A follow-up to the previous message. Although Mozilla NSS has an excellent C-based API and command line tool for generation of PKCS#10 based CSR, Mozilla PSM does not expose any XPCOM based API for PKCS#10 to be used within the browser. Mozilla JSS has an API for generation of PKCS#10 API but in my opinion

Re: Generate Certification Request in PKCS#10 format from Browsers based on Mozilla

2007-09-12 Thread Subrata Mazumdar
Giacomo, you can try our FF extension: https://addons.mozilla.org/en-US/firefox/addon/4471 for generation of PKCS#10 based CSR. The extension also provides an XPCOM API for use with FF-based JavaScript apps.
-- Subrata
Giacomo Pappagallo wrote:
> Browsers based on Mozilla use crypto.generateC

RES: PKCS #11 sucks. Re: Fedora Crypto Consolidation

2007-09-12 Thread Bruno Ribeiro
Anders, I partially agree with you. When you buy a new token or smartcard, you download an installer application that registers the CSP DLL into your system, so Windows can magically resolve digital certificate / storage association. What is missing in PKCS#11 based systems is user friendly instal

PKCS #11 sucks. Re: Fedora Crypto Consolidation

2007-09-12 Thread Anders Rundgren
A cryptographic subsystem based on C and not having a registration facility is not a solution for the 21st century.
AR
- Original Message -
From: "Jean-Marc Desperrier" <[EMAIL PROTECTED]>
Newsgroups: mozilla.dev.tech.crypto
To:
Sent: Wednesday, September 12, 2007 15:22
Subject: Re: Fedor

Re: Fedora Crypto Consolidation

2007-09-12 Thread Arshad Noor
I am familiar with the SunPKCS11 Bridge, Jean-Marc. However, I believe that that is all it is - a bridge connecting two different environments. I don't deny that the bridge does work, but it will always be constrained by the fact that the two sides on either side of the bridge may evolve at diffe

Re: Fedora Crypto Consolidation

2007-09-12 Thread Jean-Marc Desperrier
Arshad Noor wrote:
> Given that the Fedora community is embarking on an effort
> to consolidate crypto keystores and libraries, it would
> make sense to take the needs of the Java community also
> into consideration in the design and implementation.
> [...]
> What would be ideal is for JSS to evolv

Do I need to give NSS random data?

2007-09-12 Thread Dave Townsend
I'm writing code that generates a cryptographic key pair. I have basically followed the implementation in certutil which gathers some random data from the keyboard and passes it to PK11_RandomUpdate. However a few people are suggesting that NSS uses fairly good sources of random data anyway and