[OpenID] OpenID Providers Invited to Join in an NSTIC Pilot Proposal
Francisco Corella
fcorella at pomcor.com
Sun Feb 12 22:03:21 UTC 2012
Eddy,
I just didn't know that StartSSL was also an OpenID provider.
One thing that's new in our pilot proposal is the use of keygen for
automatic issuance of certificates. I now know that you do issue
certificates automatically, I tried it out yesterday. But you don't
use keygen, do you? I suppose you use JavaScript to generate the
keypair and to import the certificate? If so the keygen
extension we are proposing would be simpler: no JavaScript code would
be needed. It would also be more secure, since it is difficult if not
impossible to secure the Javascript environment. See
http://www.matasano.com/articles/javascript-cryptography/.
Francisco
>________________________________
> From: Eddy Nigg (StartCom Ltd.) <eddy_nigg at startcom.org>
>To: 'openid-general' <openid-general at lists.openid.net>
>Sent: Saturday, February 11, 2012 9:14 AM
>Subject: Re: [OpenID] OpenID Providers Invited to Join in an NSTIC Pilot Proposal
>
>
>
>On 02/11/2012 01:58 AM, From Francisco Corella:
>FYI:
>>http://pomcor.com/2012/02/10/openid-providers-invited-to-join-in-an-nstic-pilot-proposal/
>>
>Without offending, but what's the news? StartCom (and maybe some
others) do this already for years: https://www.startssl.com/?app=14
>
>A pilot for something that works in production already for years? Or
am I missing something?
>
>
>Regards
>
>Signer: Eddy Nigg, COO/CTO
> StartCom Ltd.
>XMPP: startcom at startcom.org
>Blog: Join the Revolution!
>Twitter: Follow Me
>
>
>_______________________________________________
>general mailing list
>general at lists.openid.net
>http://lists.openid.net/mailman/listinfo/openid-general
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20120212/3aaf53ed/attachment.html>
More information about the general
mailing list