I doubt that SCP01 (is that what you refer to or what?) is useful in browsers but I leave that for you guys to find out :-)
Gemalto has/is also pushing this concept though: http://w2spconf.com/2009/papers/s4p4.pdf My opinion is that you need a subsystem in the browser, like an upgraded <keygen> to actually get somewhere because the PC/SC approach exposes the card API to untrusted browser code and that is a genuinely baaaaaaaaaaaaaaaaaaaaaaaaaaad idea. Anders Martin Paljak wrote: > On Apr 29, 2010, at 08:43 , gilles Bernabé wrote: >> Oh interesting, but Java is much more heavy, if I remember correctly the >> Java plugin(JRE + JDK) is more than 40mb, the XPCOM plugin just takes some >> kb once installed. > > The ups and downs of Java have been interesting, but these days, with 1.6 > supporting javax.smartcardio it has become quite sexy - no need for locally > installed software or scary JNI bridges (like PKCS#11) so it is possible to > implement card access software entirely inside and applet so that nothing > needs to be installed on the client side. And of course - applets work almost > in every browser whereas XPCOM does not. > > BTW, NPAPI is a much better framework for a browser plugin that would work on > more browsers. Or check out Firebreath [1] > > [1] http://code.google.com/p/firebreath/ > _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
