საიტის გასაუმჯობესებელი სამუშაოების მიმდინარეობისას, შესაძლებლობების ნაწილი შეიზღუდება. თუ სტატიით ვერ მოახერხებ ხარვეზის გამოსწორება და შეკითხვის დასმა გსურთ, ჩვენი მხარდაჭერის გუნდი დაგეხმარებათ @FirefoxSupport გვერდის მეშვეობით Twitter-ზე და /r/firefox განყოფილებაში Reddit-ზე.

ძიება მხარდაჭერაში

ნუ გაებმებით თაღლითების მახეში მხარდაჭერის საიტზე. აქ არასდროს მოგთხოვენ სატელეფონო ნომერზე დარეკვას, შეტყობინების გამოგზავნას ან პირადი მონაცემების გაზიარებას. გთხოვთ, გვაცნობოთ რამე საეჭვოს შემჩნევისას „დარღვევაზე მოხსენების“ მეშვეობით.

ვრცლად

Can't sign with client cert in Firefox 33? Why stop supporting this?

  • 1 პასუხი
  • 4 მომხმარებელი წააწყდა მსგავს სიძნელეს
  • 1 ნახვა
  • ბოლოს გამოეხმაურა philipp

just found this here: http://stackoverflow.com/questions/26382658/alternative-to-window-crypto-signtext-in-firefox-33.


Here's the deal with my investigation on the matter:

Mozilla removed the old API in their version because of security issues and not being official standard - https://developer.mozilla.org/en-US/docs/Archive/Mozilla/JavaScript_crypto

No back compatibility , nothing.

In future it is going to be replaced by the Web Crypto API

   http://caniuse.com/#feat=cryptography
   http://msdn.microsoft.com/en-us/library/ie/dn302338(v=vs.85).aspx
   which is a total nonsense because it doesn't support certificates.

If you want to enable it in Firefox 33 type about:config as URL and then set:

dom.webcrypto.enabled = true

Finally here's more on the problem: http://www.youtube.com/watch?v=MNzTCoxr2ek

So millions of users are left without the online signing with imported certificates under Firefox and there's nothing on the horizon coming for any of the browsers.


WTH?

You are not even close to an alternative! Now just watch the darn youtube clip. There is not even a remote sign this will ever be implemented properly in your new web crypto api.

For those people who upgraded and still want to use certificates in Firefox - here is a solution: just set dom.unsafe_legacy_crypto.enabled=true in about:config. And then for how long will this option be available?

just found this here: http://stackoverflow.com/questions/26382658/alternative-to-window-crypto-signtext-in-firefox-33. ----------------------------------- Here's the deal with my investigation on the matter: Mozilla removed the old API in their version because of security issues and not being official standard - https://developer.mozilla.org/en-US/docs/Archive/Mozilla/JavaScript_crypto No back compatibility , nothing. In future it is going to be replaced by the Web Crypto API http://caniuse.com/#feat=cryptography http://msdn.microsoft.com/en-us/library/ie/dn302338(v=vs.85).aspx which is a total nonsense because it doesn't support certificates. If you want to enable it in Firefox 33 type about:config as URL and then set: dom.webcrypto.enabled = true Finally here's more on the problem: http://www.youtube.com/watch?v=MNzTCoxr2ek So millions of users are left without the online signing with imported certificates under Firefox and there's nothing on the horizon coming for any of the browsers. -------------------------------------------------- WTH? You are not even close to an alternative! Now just watch the darn youtube clip. There is not even a remote sign this will ever be implemented properly in your new web crypto api. For those people who upgraded and still want to use certificates in Firefox - here is a solution: just set dom.unsafe_legacy_crypto.enabled=true in about:config. And then for how long will this option be available?

ყველა პასუხი (1)

hello, this forum is a users helping users forum and not the right place to discuss features or request changes, since developers won't read here. the background to the changes is explained in https://wiki.mozilla.org/SecurityEngineering/Removing_Proprietary_window.crypto_Functions

if you want to further discuss this issue, please take it to the dev.tech.crypto mailing list...