> for signWithUserConfirmation
> as far as I know, that requirement was raised because of regulations of some
> countries.
> it is a UI-specific function and needs some fixed UI (already
> mentioned Spanish DNIe)
> I think we need some control for that with CSS style
> the very important concept is "the content that the user is viewing on the
> screen" must be the same as the sign source.

Spanish DNIe shows its own UI which says "you are going to sign some data...".
I don't know if it is hardcoded in the PKCS#11/CSP libraries (looks like a
WinAPI dialog on Windows), or if it's done on the card... but I'd love to skip
it when doing sign-batch operations!

I think you are talking about something else.

Indeed, what you think you are going to sign and what you are signing
MUST be the same.
The tax ministry in Spain, for example, uses Firefox *UNCOOL* displaying
something like an XML:
You are going to sign this, please review and confirm:
<asdasdadasda><node><0000><wtf is this...>

IMHO, that is a horrible, user-unfriendly experience, and should be
replaced with something visual, like an image or a PDF.
(but how???)

> I think DOMCryptAPI must work. base64 encoding is one of the good
> considerations but that is not so user friendly.

user-friendly <> devel-friendly.

> for smartcard support
> I think PKCS#11 is the best choice I can think of.
> the key pair (public and private) will be stored in the secured browser keystore
> (the existing one)
> the browser keystore can be connected to a smartcard with the PKCS#11 interface.
> even in Korea, smartcard-emulating USB tokens are widely spreading and P11 is
> becoming the base technology

There are some concerns about privacy and security regarding this.
If you let a browser access a smartcard, even displaying a warning and
requiring a PIN, you must think about what security risk you are opening yourself to.
I also think PKCS#11 is the best option, but it is still under discussion.


> - resistant to key loggers: normally an on-screen keyboard is used, but in
> the future better solutions can be used

I love the shuffled numeric pads some banks use

> - resistant to virtual memory hacking: even with SSL communication, the
> private information can be searched for in the virtual memory area (like Windows
> pagefile.sys). the DOMCryptAPI must have memory cleanup logic.

<offtopic alert>
could anyone give me a link where I can learn how to "malloc" safe
memory? (Actually just erasing after use :( )
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
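The "erasing after use" question at the end of the message, and the earlier point about private data ending up in pagefile.sys, both come down to two things: a wipe the compiler cannot optimize away, and pages that are not swapped out. The C below is an added example written for this page; it is not code from the thread, from DOMCrypt or from Mozilla. It assumes a POSIX `mlock()`/`munlock()` and a GCC/Clang-style inline-asm barrier; the `secret_buf` type and the `secure_wipe`/`secret_alloc`/`secret_free` names are invented here for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>   /* mlock/munlock: POSIX, assumed available */

/*
 * Plain `memset(buf, 0, n); free(buf);` is not a reliable wipe: the compiler
 * may notice that buf is never read again and drop the memset as a dead
 * store. Calling memset through a volatile function pointer stops that, since
 * the optimizer can no longer assume which function is called. C11 Annex K
 * memset_s() and glibc/BSD explicit_bzero() exist for the same purpose.
 */
static void *(*const volatile wipe_fn)(void *, int, size_t) = memset;

void secure_wipe(void *p, size_t n)
{
    if (p == NULL || n == 0)
        return;
    wipe_fn(p, 0, n);
    /* GCC/Clang barrier: tells the optimizer the memory behind p may be
       observed here, so the stores above cannot be moved or removed. */
    __asm__ __volatile__("" : : "r"(p) : "memory");
}

typedef struct {
    unsigned char *data;
    size_t len;
    int locked;   /* 1 if the pages were pinned with mlock() */
} secret_buf;

/* Allocate a buffer for key material and try to keep it out of swap
   (the pagefile.sys concern raised in the thread). mlock() can fail under a
   low RLIMIT_MEMLOCK; the caller checks .locked and decides what to do. */
int secret_alloc(secret_buf *s, size_t n)
{
    unsigned char *p;
    s->data = NULL;
    s->len = 0;
    s->locked = 0;
    p = malloc(n);
    if (p == NULL)
        return -1;
    s->data = p;
    s->len = n;
    s->locked = (mlock(p, n) == 0) ? 1 : 0;
    return 0;
}

/* Wipe, unpin and release. Afterwards the struct holds no dangling pointer. */
void secret_free(secret_buf *s)
{
    if (s->data == NULL)
        return;
    secure_wipe(s->data, s->len);
    if (s->locked)
        munlock(s->data, s->len);
    free(s->data);
    s->data = NULL;
    s->len = 0;
    s->locked = 0;
}

/* Check helper: 1 if every byte is zero, 0 otherwise (constant-time OR fold). */
int is_all_zero(const unsigned char *p, size_t n)
{
    unsigned char acc = 0;
    size_t i;
    for (i = 0; i < n; i++)
        acc |= p[i];
    return acc == 0;
}

int main(void)
{
    secret_buf key;
    if (secret_alloc(&key, 32) != 0)
        return 1;
    memset(key.data, 0xAA, key.len);   /* constructed stand-in for key bytes */
    printf("pinned in RAM: %s\n", key.locked ? "yes" : "no (mlock failed)");
    secure_wipe(key.data, key.len);
    printf("wiped: %s\n", is_all_zero(key.data, key.len) ? "yes" : "no");
    secret_free(&key);
    return 0;
}
```

Two caveats worth keeping in mind: `mlock()` only keeps the pages out of swap, it does not stop core dumps or another process with debug rights from reading them, and the wipe only covers the buffer you own, not copies the C library or the crypto library may have made internally.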
