andreas wrote: > Hello. > I had the idea for a project to make websites only accessible if a user has a > smartcard with a certificate/key. > The purpose is purely educational without commercial results, I merely want > to learn more and hopefully some day work within that area. :) > > My idea is as stated that users are required to have a smartcard to access a > website and this is done in 2 steps; > > 1) On the client side I assume I need to build a PKCS#11 module to add to > Mozilla for accessing a certificate on a smartcard? > yes, although you can do certificate based client side authentication without a smartcard. > 2) For the serverside I must create a CA and create certificates for the > smartcard users, configuring the website to require this certificate to set > up a SSL connection. >
no, you don't. You can use an existing CA like StartCom (who offers windows smartcard user logon certs, the only public CA to do so) to handle the user certs for you. Feel free to contact me if you need additional help. <http://cert.startcom.org/?app=109> _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
