W3C home > Mailing lists > Public > public-xg-webid@w3.org > February 2011

Re: German eID

From: Dirk-Willem van Gulik <Dirk-Willem.van.Gulik@BBC.co.uk>
Date: Tue, 8 Feb 2011 10:47:23 +0000
Cc: Henry Story <henry.story@bblfish.net>, WebID XG <public-xg-webid@w3.org>, Martin Gaedke <martin.gaedke@informatik.tu-chemnitz.de>
Message-Id: <76F64926-2586-4F1E-A7AA-9F936933DC8D@BBC.co.uk>
To: nathan@webr3.org

On 8 Feb 2011, at 10:29, Nathan wrote:

> Henry Story wrote:
>> <webr3> like the US too
> 
> http://www.nist.gov/nstic/

If you want to see (or play with it) - have a look at EJBCA.org - it will happily do software/file based certs/keys - so one can experiment quite a bit without needing much chipcard readers or HSM kit.

>> It would be intresting to see if browsers can interact with these cards, if they contain an X509 certificate, and if these could contain a WebID.
> 
> Firefox does to some degree, it's the most advanced crypto wise:
> 
>  https://developer.mozilla.org/en/javascript_crypto
> 
> There is scope to get this "in to" all the browsers, because it simply needs spec'd properly, and it's one of the to-do (html wg or webapps) specs which needs an editor / written..

Keep in mind that a lot of the current chipcards, identitycards, ecards, tax-office cards and signing cards are pre-made by some issuer (e.g. the passport office or the chamber of commerce) rather than at home. So that means you just have the right PKCS#11 dll/.so installed which gets picked up by your browser. And even if there is a plugin (like *) they are just a thin stub (See http://nauseamedialis.org/belgian_eid_archlinux - the register.html page just tells your browser where the pkcs#11 middleware is - the rest is nothing to do with that - but pure mngt UI). And it is increasingly common to have that *html page & DDL sitting on the card as well - making that part appear as a FAT file system over USB.

I guess that what I am trying to say is that there is a whole class of pure end user cases which need a lot less from the browsers than the full manage-yourself case.

Dw

*: https://addons.mozilla.org/en-US/firefox/addon/belgium-eid/
Received on Tuesday, 8 February 2011 10:48:28 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:22 UTC