- From: timeless <timeless@gmail.com>
- Date: Sun, 3 Aug 2008 03:35:32 -0700
On Thu, Jul 31, 2008 at 4:33 AM, Channy Yun <channy at creation.net> wrote: > The national PKI system has own certificate issuing process to citizen with > face-to-face meeting. And it requires to "submit ones client certificate" > for e-government and financial transaction with "digital signature" per each > signature. could you please provide example urls for this? I'm not quite sure I understand why standard certificate challenges are insufficient for this. oddly, my own bank does something like this w/ a java applet, except if i pretend to be a mobile client, it waves this stupid requirement. > "submit ones client certificate" is traditional SSL authentication and > "digital signature" is new requirement. > In fact, ActiveX and Java plugin are needed for digital signature. > If we can submit returned encrypted message in form via SSL, the technical > requirement is sufficient for all national PKI system. Especially, Camellia > (Japanese and European official cryptographic algorithm) already implemented > in Open SSL for web browsers. Most of them is ready. http://boblord.livejournal.com/16968.html It seems NSS supports it too. > server via SSL, web server can decrypt form data signed by client > certificate and check validation and insured transaction by each country's > law. urls for these "laws" would be appreciated.
Received on Sunday, 3 August 2008 03:35:32 UTC