Gervase Markham wrote:
>>If the site requires users to use certificates to authenticate to the
>>server, the standard for that is TLS/SSL. Mozilla supports the client
>>certificate feature of the IETF standard Transport Layer Security
>>protocol, RFC 2246 section 7.4.6. Netscape Communicator supports the
>>same feature of SSL 3.0, an earlier version of the same protocol.
>>
>
> I believe certificates are being used here to authenticate the user to the
> site, rather than the other way around.
>
> Gerv
>
The authentication is in both directions so that the user knows they are
talking to the Government and the Government know that this is the user
they claim to be.
It is also used to sign (non-repudiation) things like tax returns, so
that they are legally binding in the UK.
The basic idea is good, I just don't like the Microsoft only
implementation. Is there a viable alternative for use with Mozilla.
I think that my government should not require everyone to buy Microsoft
software in order to interact with the government, so I want to be able
to suggest a viable platform independant and / or open source alternative.
Steve Ball
