Signing with app via localhost binding
Added by Jonas H over 6 years ago
I recently read a paper from Detlef Hühnlein, Johannes Schmölz, Tobias Wich and Andreas Kühne about the possibilities to create signatures with the open ecard app.
Is it currently possible to use this signing feature via the localhost binding or if not via any other binding?
Thank you for your support!
Replies (2)
RE: Signing with app via localhost binding - Added by Detlef Hühnlein over 6 years ago
Dear Jonas,
the approach sketched in the paper mentioned above has been refined by now to form the "ChipGateway Protocol" in which the
heavy computation (e.g. PDF-manipulation to create PAdES) has been shifted to a server. This protocol
is currently about to be standardised at OASIS (see https://www.oasis-open.org/committees/download.php/60049/ChipGateway-Specification-OASIS.pdf ).
We presented a working prototype in spring (see https://dev.openecard.org/boards/2/topics/209) and we will soon release v1.3.0 of the Open eCard App,
which will support this functionality. Please do not hesitate to contact us again, if you do not want to wait for the release and become beta tester.
BR,
dh
RE: Signing with app via localhost binding - Added by Jonas H over 6 years ago
Hello Detlef,
thank you for your prompt reply!
I just scanned the Chip-Gateway specification: It is exactly what I was looking for.
While reading the document one question came to me:
- is the server certificate used in step (5) of the specification to sign the challenge just a standard TLS certificate or do I have to implement a special signing-certificate on my server?
Regarging the version 1.3.0: Yes I would really appreciate it if it would be possible to get a beta preview of version 1.3.0.
Just a short notice concerning the spec: There are some broken references in the specification document e.g. on page 38.
Best regards,
Jonas