BOUNCE Non-member submission from [Remo Tabanelli Martin Sigbjorn wrote: > I need information on how I can use smartcards with Netscape > Navigator/Communicator and Internet Explorer, in order to perform secure > authentication of a user. I know these browsers have support for > smartcard authentication through certificates and SSL but I don't know > how it works (or how to make it work). Is it possible just by the > presense of PC/SC drivers + reader + card, or do I need additional > software? > *************************************************************** > Linux Smart Card Developers - M.U.S.C.L.E. > (Movement for the Use of Smart Cards in a Linux Environment) > http://www.linuxnet.com/smartcard/index.html > *************************************************************** You need PKCS#11 software for netscape and a CSP (cryptographic service provider) software (that can be mapped on top of the pkcs#11 layer or not) for IE.... CSP is the proprietary cryptoApi from MS.... The first problem that you probabli will encounter is that (because PKCS#11 exactly as the CSP) is merely an API the so called cryptoky (the software interface) will hide the lower layers of the sotware (such as the card reader driver, the smartcard driver ...and so on) you have to deal with some complexity in writing ONLY ONE PKCS#11 (or CSP) interface instead than multiple interfaces (one for each couple... combination of card and reader). You can probably find a card manufacturer (such as schlumberger) that can give you the entire "chain" (pkcs#11+pc/sc+rader+card) ... but there is a bad new (a good new for the manufacturer on the other side) .. and the bad new is that all the layers are a "monolitic bloc" making impossible for you to use the sofware for other devices (other cards and readers). The absence of real standards of interoperability (standard that you may use to read the card Y on the reader Z and the same card Y on the reader X using the same high level interface) is the biggest obstacle to the diffusion of "real world" applications using smartcards. This is also the reason why initiatives and effords like MUSCLE make a lot of sense. Remo Tabanelli *************************************************************** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***************************************************************
