PSM 2.0 expected by May
Thursday January 25th, 2001
Bob Lord explains in n.p.m.crypto:
These documents will evolve over the next few weeks as we learn more and as Mozilla developers identify the areas where they'd like to help (platform support, for example).
We're trying to release PIP by the end of May. We'll soon post more information about building PIP, as well as the target date for switching the nightly builds over."
This is to cut down the overhead that is required on some OS's when creating new processes. This will help keep the memory requirements a tad lower. But I doubt most desktop users will even notice this minute cut in memory requirements.
If I'm reading "in-process" correctly, it probably means that we don't need to wait for PSM to load the first time we enter a secure connection. This is a significant speed up because even on my Pentium II, current PSM takes about 5 seconds to load. I think "in-process" is the way it should be because all previous browsers can make secure connections instantly.
Even 8 Mb makes a difference on older systems...and if ground floor is 150 Mhz, then that will be noticable my at least some.
#4 Why less meory requirement?
Friday January 26th, 2001 3:59 PM
I'm reading in-process PSM would lower mem requirements a tad. But how so? Just now, PSM is only loaded if needed during a session, which might not be always. While an in process PSM would be loaded upon start of mozilla, increasing start up time, right? Or will it still be dynamically loaded? Sorry, if the answer is in the PSM docs, I haven't read them yet.
#5 Re: Why less meory requirement?
Friday January 26th, 2001 5:02 PM
It will be dynamically loaded with less overhead if I read the docs correctly.
#6 taking bets
Friday January 26th, 2001 6:50 PM
I'm taking bets on whether this comes out right before Mozilla 1.0.
<I>PSM 2.0 Prioritized Feature List Retain all existing PSM 1.4 functionality including (but not limited to) these features:<BR> ... Encryption key escrow<BR> ... </i><BR><BR>
I\\\'m not very confortable with this. I haven\\\'t even seen an option to turn it off.
#8 Re: KEY ESCROW??
Sunday January 28th, 2001 1:30 PM
Some Certificate Authority (CA) products (such as the iPlanet Certificate Management System) have a key recovery feature. The CA administrator can configure the CA to escrow a user's encryption key during the enrollment process. When this happens, the user gets a warning dialog and has the option to continue or to cancel.
There is never a time when the CA gets your encryption key without your consent. We'd never let that happen.
I'd point to the exact text, but haven't completed those UI mockups yet. :-)