On 8 Feb 2011, at 10:29, Nathan wrote: > Henry Story wrote: >> <webr3> like the US too > > http://www.nist.gov/nstic/ If you want to see (or play with it) - have a look at EJBCA.org - it will happily do software/file based certs/keys - so one can experiment quite a bit without needing much chipcard readers or HSM kit. >> It would be intresting to see if browsers can interact with these cards, if they contain an X509 certificate, and if these could contain a WebID. > > Firefox does to some degree, it's the most advanced crypto wise: > > https://developer.mozilla.org/en/javascript_crypto > > There is scope to get this "in to" all the browsers, because it simply needs spec'd properly, and it's one of the to-do (html wg or webapps) specs which needs an editor / written.. Keep in mind that a lot of the current chipcards, identitycards, ecards, tax-office cards and signing cards are pre-made by some issuer (e.g. the passport office or the chamber of commerce) rather than at home. So that means you just have the right PKCS#11 dll/.so installed which gets picked up by your browser. And even if there is a plugin (like *) they are just a thin stub (See http://nauseamedialis.org/belgian_eid_archlinux - the register.html page just tells your browser where the pkcs#11 middleware is - the rest is nothing to do with that - but pure mngt UI). And it is increasingly common to have that *html page & DDL sitting on the card as well - making that part appear as a FAT file system over USB. I guess that what I am trying to say is that there is a whole class of pure end user cases which need a lot less from the browsers than the full manage-yourself case. Dw *: https://addons.mozilla.org/en-US/firefox/addon/belgium-eid/Received on Tuesday, 8 February 2011 10:48:28 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:41 UTC