Question

Reading a smartcard keystore from the browser for digital signature vs. using it for authentication: why, for digital signature, do we have to use an applet (run some code on the client machine to read the key), whereas for authentication browsers read the keys without any applet or plugin, etc.? How does the smartcard list smart card keys without any JavaScript or applet code?

Solution

Digital signature functionality is not yet implemented in web browser APIs. A standard API is in the works: WebCrypto. See http://www.w3.org/TR/WebCryptoAPI for an overview and more specifically http://www.w3.org/TR/WebCryptoAPI/#document-signing.

By the way, the keys are never read from the smartcard. The operation on the private key must always be made by the smartcard itself to ensure the key privacy.

OTHER TIPS

The authentication part is handled by the TLS/SSL implementation, which is an intrinsic part of the browser. There is no need to perform digital signature generation by the browser, so that is not included.

Of course not all browsers implement smart card functionality, and the ones that do may do it differently (e.g. IE uses the latest Microsoft proprietary API available when that version of IE was developed, and Firefox uses PKCS#11 through NSS).

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow