- From: Dirk-Willem van Gulik <Dirk-Willem.van.Gulik@BBC.co.uk>
- Date: Tue, 8 Feb 2011 10:47:23 +0000
- To: nathan@webr3.org
- Cc: Henry Story <henry.story@bblfish.net>, WebID XG <public-xg-webid@w3.org>, Martin Gaedke <martin.gaedke@informatik.tu-chemnitz.de>
On 8 Feb 2011, at 10:29, Nathan wrote: > Henry Story wrote: >> <webr3> like the US too > > http://www.nist.gov/nstic/ If you want to see (or play with it) - have a look at EJBCA.org - it will happily do software/file based certs/keys - so one can experiment quite a bit without needing much chipcard readers or HSM kit. >> It would be intresting to see if browsers can interact with these cards, if they contain an X509 certificate, and if these could contain a WebID. > > Firefox does to some degree, it's the most advanced crypto wise: > > https://developer.mozilla.org/en/javascript_crypto > > There is scope to get this "in to" all the browsers, because it simply needs spec'd properly, and it's one of the to-do (html wg or webapps) specs which needs an editor / written.. Keep in mind that a lot of the current chipcards, identitycards, ecards, tax-office cards and signing cards are pre-made by some issuer (e.g. the passport office or the chamber of commerce) rather than at home. So that means you just have the right PKCS#11 dll/.so installed which gets picked up by your browser. And even if there is a plugin (like *) they are just a thin stub (See http://nauseamedialis.org/belgian_eid_archlinux - the register.html page just tells your browser where the pkcs#11 middleware is - the rest is nothing to do with that - but pure mngt UI). And it is increasingly common to have that *html page & DDL sitting on the card as well - making that part appear as a FAT file system over USB. I guess that what I am trying to say is that there is a whole class of pure end user cases which need a lot less from the browsers than the full manage-yourself case. Dw *: https://addons.mozilla.org/en-US/firefox/addon/belgium-eid/
Received on Tuesday, 8 February 2011 10:48:28 UTC