Emiliano Albiani wrote:
> Hi,
> I'd like to use N6.1 to establish HTTPS connections to my company secure
> web server. I'd like that all the emploies could have their private key
> stored in a protected database on their own cd card.
> Any suggestions!
The easiest way to do this is to write a pkcs#11/cryptoki module for
your cd card.
Example code form some pkcs #11 modules are available in mozilla security:
mozilla/security/nss/lib/fortcrypt -- Fortezza PKCS #11 module.
mozilla/security/nss/lib/softoken -- NSS's internal pkcs #11 module it
uses to access it's internal database.
mozilla/security/nss/lib/ckfw -- the beginnings of a framework for
writing cryptoki modules (sample built-in root certs module in the
directory).
I'm not sure what a CD card is, but if it doesn't have password
protection on access to it's data, then I might suggest looking at other
security tokens like smart cards/java cards, iButtons, USB tokens,
memory sticks, etc. Most of these devices include vendor supplied PKCS
#11 modules, and tokens like smart cards have a full infrastructure of
card printers and bulk issuance software.
bob
>
> Thanks in advance.
>
> Emiliano Albiani.
>
>
