<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt">Eddy,<br><br>> > I suppose you use JavaScript to generate the keypair and to import the certificate?<br>><br>> No, never - the keypair is always generated by the browser. See https://www.startssl.com/?app=25#51<br><br>OK, that says you use keygen to generate a key pair in Firefox (an<br>ActiveX control in IE). But you still have to use JavaScript to<br>import the certificate into the browser. AFAIK that's the only way<br>you can automatically import a certificate into the browser with<br>current technology. In Firefox you must be using<br>crypto.importUserCertificates(), is that right?<br><br>Francisco<br><div><br><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; margin-top: 5px; padding-left: 5px;"> <div style="font-family: times new roman, new york, times, serif;
font-size: 12pt;"> <div style="font-family: times new roman, new york, times, serif; font-size: 12pt;"> <div dir="ltr"> <font face="Arial" size="2"> <hr size="1"> <b><span style="font-weight:bold;">From:</span></b> Eddy Nigg (StartCom Ltd.) <eddy_nigg@startcom.org><br> <b><span style="font-weight: bold;">To:</span></b> "openid-general@lists.openid.net >> 'openid-general'" <openid-general@lists.openid.net> <br> <b><span style="font-weight: bold;">Sent:</span></b> Sunday, February 12, 2012 3:49 PM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [OpenID] OpenID Providers Invited to Join in an NSTIC Pilot Proposal<br> </font> </div> <br>
<div id="yiv1850493263">
<div>
Hi Francisco,<br>
<br>
On 02/13/2012 12:03 AM, From Francisco Corella:
<blockquote type="cite">
<div style="color:rgb(0, 0, 0);background-color:rgb(255, 255,
255);font-family:times new roman, new york, times, serif;font-size:12pt;">One thing that's new in our pilot proposal is
the use of keygen for<br>
automatic issuance of certificates. I now know that you do
issue<br>
certificates automatically, I tried it out yesterday. </div>
</blockquote>
<br>
Welcome!<br>
<br>
<blockquote type="cite">
<div style="color:rgb(0, 0, 0);background-color:rgb(255, 255,
255);font-family:times new roman, new york, times, serif;font-size:12pt;">But you don't use keygen, do you?<br>
</div>
</blockquote>
<br>
It depends on the browser. Keygen is used everywhere except Internet
Explorer where we deploy currently VBscript for the enrollment. And
unfortunately Google Chrome doesn't support client certificate
enrollment except in a limited form on Linux.<br>
<br>
<blockquote type="cite">
<div style="color:rgb(0, 0, 0);background-color:rgb(255, 255,
255);font-family:times new roman, new york, times, serif;font-size:12pt;"> I suppose you use JavaScript to generate the
keypair and to import the certificate?</div>
</blockquote>
<br>
No, never - the keypair is always generated by the browser. See
<a rel="nofollow" class="yiv1850493263moz-txt-link-freetext" target="_blank" href="https://www.startssl.com/?app=25#51">https://www.startssl.com/?app=25#51</a><br>
<br>
<br>
<div class="yiv1850493263moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, COO/CTO</td>
</tr>
<tr>
<td> </td>
<td><a rel="nofollow" target="_blank" href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>XMPP: </td>
<td><a rel="nofollow">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a rel="nofollow" target="_blank" href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Twitter: </td>
<td><a rel="nofollow" target="_blank" href="http://twitter.com/eddy_nigg">Follow Me</a></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</div>
</div><br>_______________________________________________<br>general mailing list<br><a ymailto="mailto:general@lists.openid.net" href="mailto:general@lists.openid.net">general@lists.openid.net</a><br><a href="http://lists.openid.net/mailman/listinfo/openid-general" target="_blank">http://lists.openid.net/mailman/listinfo/openid-general</a><br><br><br> </div> </div> </blockquote></div> </div></body></html>