Hi there,
<http://opensignature.sourceforge.net/english.php>http://opensignature.sourceforge.net/english.php
These guys
I suppose I'm one of these ;-)
have concluded that Java applets are bad and that you
should exclude the browser altogether by using something called
URL Programming Interface, which in essens hosts a local web-server
for handling the crypto and signature stuff.
You can find some more info here:
http://openportalguard.sourceforge.net/upi.pdf although this is a bit
outdated and the issue is also addressed in my recent presentations, e.g.:
http://www.porvoo8.rrn.fgov.be/porvoo8/doc13/09_porvoo8-bruegger18_Italy.pdf
and
https://www.cosic.esat.kuleuven.be/modinis-idm/twiki/pub/Main/Workshop2Presentations/2005-11-15_modinis-idm_presentation_Bruegger.pdf
I should already have written a problem statement for the eForum eID
working group but am a bit behind on this. I could post a rough abstract
of it in case anyone was interested.
There's also a minimal prototype implementation by Sirio Capizzi.
I believe this is similar to the Austrian scheme, although a bit less
documented.
Yes, I think this is correct. I'm in contact with A-SIT on this issue and
I'm hoping that we can end up with a common approach on this. One major
difference between the Austrian Citizencard approach and what we are doing
is when to use the UPI approach: The Austrians use it also for
authentication while we think that this is already standardized (SSL/TLS)
and implemented in current browsers and works just fine. So for us, UPI
steps in where there current standards are lacking.
The problem is the addition of another attack vector, and having to
authenticate to it (unless the process can look at the TCP connection
list and see what process opened it, then get the credentials of that
process to see who it's supposed to impersonate). This could be
mitigated by having it only listen on 127.0.0.1 on some strange port,
but it's still not that great.
We strongly believe that we need a solution that gives us a single point of
control across various web applications that need signature services. This
should create a central control for policy, look and feel, and security
auditing. It should also provide the trusted viewer (that can render in
HTML in the browser...). The solution should be multi-platform and
multi-browser.
UPI is the only approach that we have found so far that satisfies these
requirements. It currently listens only to localhost on a pre-specified
port. We plan but haven't started to do a security analysis of the
approach. If there was a way of limiting access of the UPI to only a
certain browser application and user, then that would be really nice. Any
idea of how to do this?
best cheers
-b
-------------------------------------------------------------------------------------------------
Ing. Bud P. Bruegger, Ph.D. +39-0564-488577
(voice), -21139 (fax)
Servizio Elaborazione Dati e-mail: [EMAIL PROTECTED]
Comune di Grosseto jabber: [EMAIL PROTECTED]
Via Ginori,
43 http://www.comune.grosseto.it/cie/
58100 Grosseto (Tuscany,
Italy) http://www.comune.grosseto.it/interopEID/
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
