<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt">Eddy,<br><br>I just didn't know that StartSSL was also an OpenID provider.<br><br>One thing that's new in our pilot proposal is the use of keygen for<br>automatic issuance of certificates. I now know that you do issue<br>certificates automatically, I tried it out yesterday. But you don't<br>use keygen, do you? I suppose you use JavaScript to generate the<br>keypair and to import the certificate? If so the keygen<br>extension we are proposing would be simpler: no JavaScript code would<br>be needed. It would also be more secure, since it is difficult if not<br>impossible to secure the Javascript environment. See<br>http://www.matasano.com/articles/javascript-cryptography/.<br><br>Francisco<br><div><br><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; margin-top: 5px;
padding-left: 5px;"> <div style="font-family: times new roman, new york, times, serif; font-size: 12pt;"> <div style="font-family: times new roman, new york, times, serif; font-size: 12pt;"> <div dir="ltr"> <font face="Arial" size="2"> <hr size="1"> <b><span style="font-weight:bold;">From:</span></b> Eddy Nigg (StartCom Ltd.) <eddy_nigg@startcom.org><br> <b><span style="font-weight: bold;">To:</span></b> 'openid-general' <openid-general@lists.openid.net> <br> <b><span style="font-weight: bold;">Sent:</span></b> Saturday, February 11, 2012 9:14 AM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [OpenID] OpenID Providers Invited to Join in an NSTIC Pilot Proposal<br> </font> </div> <br>
<div id="yiv1288212574">
<div>
<br>
On 02/11/2012 01:58 AM, From Francisco Corella:
<blockquote type="cite">
<div style="color:#000;background-color:#fff;font-family:times new roman, new york, times, serif;font-size:12pt;">FYI:<br>
http://pomcor.com/2012/02/10/openid-providers-invited-to-join-in-an-nstic-pilot-proposal/<br>
</div>
</blockquote>
<br>
Without offending, but what's the news? StartCom (and maybe some
others) do this already for years: <a rel="nofollow" class="yiv1288212574moz-txt-link-freetext" target="_blank" href="https://www.startssl.com/?app=14">https://www.startssl.com/?app=14</a><br>
<br>
A pilot for something that works in production already for years? Or
am I missing something?<br>
<br>
<div class="yiv1288212574moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, COO/CTO</td>
</tr>
<tr>
<td> </td>
<td><a rel="nofollow" target="_blank" href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>XMPP: </td>
<td><a rel="nofollow">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a rel="nofollow" target="_blank" href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Twitter: </td>
<td><a rel="nofollow" target="_blank" href="http://twitter.com/eddy_nigg">Follow Me</a></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</div>
</div><br>_______________________________________________<br>general mailing list<br><a ymailto="mailto:general@lists.openid.net" href="mailto:general@lists.openid.net">general@lists.openid.net</a><br><a href="http://lists.openid.net/mailman/listinfo/openid-general" target="_blank">http://lists.openid.net/mailman/listinfo/openid-general</a><br><br><br> </div> </div> </blockquote></div> </div></body></html>