• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Using hardware based certificates
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using hardware based certificates

  • Subject: Re: Using hardware based certificates
  • From: "Cheong Hee (Gmail)" <email@hidden>
  • Date: Thu, 5 Nov 2009 14:51:45 +0800
Hi Tavis 
Daniel, I just noticed your credentials!



Do you (or anyone else on the list) have experience using a smartcard with WO or any other web development? Here are things I'd like to do:

Easy-
Ask for an identity certificate (not too hard, they are X.509 based)
Sign an iText document (also not hard, the iText in Action book describes the process) 
BER DER format?

These are necessary readings:
¨An Overview of the PKCS Standards (Burton S. Kaliski Jr., 1993)
¨A Layman's Guide to a Subset of ANS.1, BER, and DER (Burton S. Kaliski Jr., 1993)



Hard-
Get other properties off the card.
Some smart card data could be stored in secured area or open data. If they are open data, it is easy and just APDU commands, otherwise, it will be more challenging.
However, to access smart card from browser, you will need PCSC library and plug-in. I have not much info about the plug-in. Sometime back someone has posted about accessing fingerprint from browser using plug-in IIRC. Hope some pointer on this.


Purpose-
When a new user creates a profile, I don't want them to have to play 20 questions. It's error prone and annoying. Everyone in my organization (US Air Force) has to use the card to gain access to a computer or government web site anyway and hates entering thier data yet again to use a small app. Thier full name, title or military rank, unique ID number, date of birth, organization, etc. are all on the card and reasonably guaranteed to be error free. I want to pull that data. Also, my app has more person entities than active users; for example if I am my unit representative then I currently need to find and hand type the personal information for the 20 people in my unit knowing I will never get 20 people to create accounts in a painful process. But I could ask them to stop by and put thier card in my computer for 5 seconds. As far as I can tell, there is no way for a web server to get that information directly like it can when it asks for a certificate
because this data is not stored in a certificate. But could a JavaScript application get it?

I've found a lot of documentation on the web for using X.509 certificates, and other sources for writing native client code to interface directly with smartcards, but nothing on using the card's stored data from inside a web browser.

Tavis McDevitt


Cheers

Cheong Hee 

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • RE: Using hardware based certificates

      • From: "Beatty, Daniel D CIV NAVAIR, 474300D" <email@hidden>
      • 



    

  • Prev by Date:
Re: _rewriteURL is not called in Tomcat Deployment

    • 

  • Next by Date:
Re: _rewriteURL is not called in Tomcat Deployment

    • 

  • Previous by thread:
Using hardware based certificates

    • 

  • Next by thread:
RE: Using hardware based certificates

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •