[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mozilla-crypto
Subject:    PKCS#11 Module with SSL Support
From:       Bertolt Mildner <bm () utimaco ! at>
Date:       2000-07-21 15:56:26
[Download RAW message or body]

We currently have a PKCS#11 Module for smart cards that supports 
signing and encryption of e-mails. Now we also want to support SSL.

Can someone please give us some hints which mechanisms we have to 
implement to be able to do key exchange by using RSA keys and 
certificates stored on a smart card.

The problem is that Netscape doesn't use the keys and certificates 
from our card but generates a RSA key pair as a session object.
The point is we want to use the X.509 certificates to do authentication.

An other problem is that if we activate (in Netscapes security menu) 
any hash mechanism of our PKCS#11 Module Netscape reports an IO error 
when connection to a SSL secured server.

We have allready implemented MD5, SHA-1, DES(CBC, ECB), RSA.

What attributes must or must not be set for the RSA keys that Netscape
uses them for SSL.

Many thanks in advance!

-- 

Utimaco Safeware AG - The architects of information security.

Bertolt Mildner
Developer in Smartcard Team

Tel.       +43 732 655755 42
Fax.       +43 732 655755 5
eMail      mailto:Bertolt.Mildner@utimaco.at
WWW        http://www.utimaco.com

[prev in list] [next in list] [prev in thread] [next in thread]