Any who, just a thought. I don't know if there is a suggestion box,
but this would be a great thing for the crew of Apple to weigh in
on. In my humble opinion, it would make for a great framework for
the community at large, and Apple has a lot of play on this.
Later,
Daniel Beatty
Computer Scientist, Detonation Sciences Branch
Code 474300D
2400 E. Pilot Plant Rd. M/S 1109
China Lake, CA 93555
email@hidden
(760)939-7097
-----Original Message-----
From: webobjects-dev-bounces+daniel.beatty=email@hidden [mailto:webobjects-dev-bounces+daniel.beatty=email@hidden
] On Behalf Of Cheong Hee (Gmail)
Sent: Thursday, November 05, 2009 20:26
To: email@hidden
Subject: RE: Using hardware based certificates
Hi Daniel
Appreciate feedback and help to keep the interest. IIRC someone
asked similar subject before, but not much follow through. May be
this is non WO related issue, however hopefully a generic framework
for WO could be derived to as you suggested.
For past few years, I spent some thought to marry [browser +
smartcard] together during smart card personalization. Should I
say, personalization process is the core process in smart card
implementation. If you know how the data being "written" securely
into the card, reading will be at ease.
Else, challenging or challenging!!! If you heard about Datacard
Affina or
Platform7 (nope... not the one in Transformers movie) SCLM, you know
what i meant .
If I got it right, Travis is looking into a card that has been
personalized with certificate. The first hurdle I thought Travis
asking was the access to smart card / reader from browser. I
supposed it could be done using some kind of variant Javascript ,
correct me if wrong. Once this is done, the rest will be pretty
much with individual case of challenge-response. Did a quick
google, Shibboleth is a single sign on server, curious if it provides
method to access smart card via browser. It is easier in .NET, but
then it
limits the solution.
Cheers
Cheong Hee
Greetings Travis and Cheong,
True, those are good guides especially in the PKI lingo world.
Although,
in his case there may be a simpler solution. Since he is working
with
the Air Force, and I myself with the Navy I suggest that he and I
collaborate on this project and that he call me to set something up.
I have noticed the same thing in academia as well, thus we should
target a framework that handles this kind of thing for general public
use with as open standards as possible. Best example of such a
standard I can think
of is Shibboleth out of Virginia Tech. Of course, Apple may be
gunning
for something similar in its Mobile Access Server and either way it
would be nice to simply have a framework that just uses the service
to
maximize the benefit for everyone.
Later,
Daniel Beatty
Computer Scientist, Detonation Sciences Branch Code 474300D 2400 E.
Pilot Plant Rd. M/S 1109 China Lake, CA 93555 email@hidden
(760)939-7097
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/email@hidden
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/a.talk
%40zenn.net
This email sent to email@hidden
