Hello. I had the idea for a project to make websites only accessible if a user has a smartcard with a certificate/key. The purpose is purely educational without commercial results, I merely want to learn more and hopefully some day work within that area. :)
My idea is as stated that users are required to have a smartcard to access a website and this is done in 2 steps; 1) On the client side I assume I need to build a PKCS#11 module to add to Mozilla for accessing a certificate on a smartcard? 2) For the serverside I must create a CA and create certificates for the smartcard users, configuring the website to require this certificate to set up a SSL connection. The hard part I realize is the first step, I am a little familiar with PKCS#11 but no experience in smart cards. The second part shouldn't be too hard, I have to figure out how to make the website request a specific certificate from Mozilla. My question is, am I totally out in the blue or do I seem to be on the right track? I am very new to this subject so please have some patience with me while I learn. :) Thank you. _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
