1. To do simple hardware deployments crypto object needs to supply method to generate key with specific security module. This could be done as extension of generateCRMFRequest() method or any other way. 2. Crypto object doesn't supply any methods to list security modules. I'm on 2001-10-22-18-0.9.4
Can you elaborate? Do you want the ability to specify which hardware token the key will be generated (or stored) on?
If you need to deploy keys and certificates on hardware only, you don't have to watch them to be sure that it is done right. It is enough to verify presence of the specific security module and then generate key or keys on it.
16 years ago
This is actually what I would like to avoid. Imagine that you would like to force your employees to use smartcards only. Current choice is either watch them picking correct (hardware) module or do the picking for them. Both situations are requiring human assistance and they are little bit embarrassing. This could be avoided by adding to generateCRMFRequest() method, ability to generate keys on specified module. It would be even nicer to inform end user that he/she is missing required (hardware) module. We could achieve this by making generateCRMFRequest() return appropriate error or/and adding a new method which would allow to check the presence of the specific module.
Could we meet in the middle? Instead of providing a way to iterate over available modules, and instead of adding a "module name" parameter to the generate key request, we could do something else: We could extend the key generation method to take a boolean parameter, that says "only hardware allowed". If there is no hardware device, Mozilla could display an error message (hardware device requested but n/a). If there is exactly one hardware device, Mozilla could use just that one. If there are multiple hardware devices available, Mozilla could display a list of all hardware devices (not allowing to select the software device).
We should not design this without imput from Terry Hayes. The real solution may involve CMC, support on server and client, etc... If we think this is high priority, we should schedule a design/architecture meeting. I'm not sure this is such high priority at the moment. Note that the relying party (the party who really cares whether the key/certs are generated on the device) is the issuing CA. The CA can only certify that the key has been generated on a hardware device if the cert request from the client contains data that cryptographically identifies the device. The CA must have a way to request this extra info from the client.
Mass reassign ssaux bugs to nobody
changing obsolete psm* target to --- (unspecified)
this (bug which is focused on letting the web page demand a hardware device) isn't a duplicate of that bug (which is interested in letting the user pick a default target)
Are any other browsers going to implement generateCRMFRequest? I doubt so, and I guess that means that there is no hope for standardizing this. Perhaps, then, we should WONTFIX all the enhancements to this method?
Bug 1030963 removed this functionality entirely.