On Wed, 17 Mar 1999, Martin Sigbjorn wrote:
> I need information on how I can use smartcards with Netscape
> Navigator/Communicator and Internet Explorer, in order to perform secure
> authentication of a user. I know these browsers have support for
> smartcard authentication through certificates and SSL but I don't know
> how it works (or how to make it work). Is it possible just by the
> presense of PC/SC drivers + reader + card, or do I need additional
> software?
Of course you need additional software to make the whole stuff work...
For Netscape, you have to write a PKCS#11 module which will perform the
necessary cryptographic operations (basically RSA sign/verify and
crypt/decrypt).
For MSIE, you'll have to write a CSP (Crypto Service Provider) that will
do pretty much the same, and it MUST be signed by Microsoft (the key is
operated by the NSA, maybe it's just the opposite, but the 2 are involved
in the process). This CSP will also have to check for wether the original
CSP is a basic or enhanced version (512/1024 bits for RSA, 40/128 bits for
RC2 and others). I don't know if your source will have to be reviewed for
it to be signed...
The easiest will be to start with Netscape... But you'll have to learn
about PKCS#1, PKCS#8, and PKCS#10 (maybe also PKCS#7). The PKCS documents
are available freely on <http://www.rsa.com>.
You've got a very hard work to do..... Good luck ;-)
--
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************
