Under the skin of GemSAFE card is a GPK card. GPK(8000 & above)card supports SSL
1024-bit RSA signature. Hence, I don't think there should be any problem integrating
GPK8000 with an SSL application.
>>Douglas wrote:
>>I would like to hear on people's experiences about SSL client authentication using
>certificates >>and private keys stored in smart cards.
But, if your requirement is SSL client authentication, why don't you look at GemSAFE
Enterprise Workstation. It provides precisely this service(apart from Secure Email &
Smartcard Logon) without you writing a single line of code. For more info, logon to
http://www.gemsafe.com
NOTE: To be precise, as of now there are 4 GemSAFE cards.
(1) GemSAFE GPK - GemSAFE on a Gemplus Public Key Card,
(2) GemSAFE GemXpresso - GemSAFE on a JavaCard
(3) GemSAFE GemShield/GemSTART - GemSAFE on a Windows Card
(4) GemSAFE Multos - GemSAFE on a Multos Card
Warm Regards
----------
If you aren't part of the solution, you are a precipitate.
- Anonymous
>-----Original Message-----
>From: Gila Sheftel [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, January 10, 2001 1:28 AM
>To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
>Subject: Re: [OCF] Smart cards and SSL
>
>
>
>Hi Douglas,
>
>I am able to authenticate with an apache-ssl server (the only
>one I have
>tried it with, but really the issue is client-side anyway)
>using a GPK8000
>card, specifically the Gemplus GemSafe card. I'm not sure this
>will be of
>any use to you as it does not involve either OCF or JSSE - the
>method used
>was simply the GemSafe Workstation wrappers for PKCS11 (under
>Netscape) or
>Microsoft IE's CSP for storing the certificate to the card.
>
>Both browsers have an option after you install GemSafe that
>allow you to
>save the certificate to your card rather than to your hard
>drive when you
>sign up for a certificate -- you simply choose that option and
>the browsers
>know to store and also look for the information on your default reader.
>
>I wish I could be more helpful, I think I have a readme of the process
>around somewhere if you would like to read it,
>Gila.
>
>At 05:11 PM 1/9/01 -0300, [EMAIL PROTECTED] wrote:
>
>>Hello,
>>I would like to hear on people's experiences about SSL client
>>authentication using certificates and private keys stored in
>smart cards.
>>Particularly, I would like to know whether anyone has already
>used JSSE
>>(http://java.sun.com/products/jsse/) 1.0.2 to open an SSL connection
>>between two endpoints that authenticate themselves to each
>other using a
>>smart card. I think this is an important proof of concept for
>us using or
>>learning to use OCF and I look forward to using this in my
>future projects.
>>Regards,
>>Douglas
>
>..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..~..
>Gila Sheftel Developper, R&D, CTO Group
>Gemplus Inc. (514) 732-2459
>
>Noir comme la nuit, chaud comme l'enfer, doux comme l'amour,
> et pur comme un ange.
>
>-- Henry David Thoreau, talking about how he likes his coffee. :)
>
>
>
>---
>> Visit the OpenCard web site at http://www.opencard.org/ for more
>> information on OpenCard---binaries, source code, documents.
>> This list is being archived at
http://www.opencard.org/archive/opencard/
! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
! [EMAIL PROTECTED]
! containing the word
! unsubscribe
! in the body.
---
> Visit the OpenCard web site at http://www.opencard.org/ for more
> information on OpenCard---binaries, source code, documents.
> This list is being archived at http://www.opencard.org/archive/opencard/
! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
! [EMAIL PROTECTED]
! containing the word
! unsubscribe
! in the body.
