[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] Signed Applets & Keystores



I was thinking that a way of providing functionality to sign data for
transmission would be to use Signed applets in the following way:

Get the browser to export it's Certificate + Private Key into a KeyStore and
use a signed applet to access this KeyStore.   The Applet would prompt the
user to enter the password for this database, which would be the same as
that of the browser.
After this is done, I have the private Key and Certificate and can create a
Signed Data object, IMPLICIT with the data.

My question:

Is the Keystore secure enough to do this, or am I introducing a major
security hole into the system.

Obviously, the Browser only allows applets signed by my private key to
execute, so the browser must trust me.

Any opinions?

Thanks,

Kevin
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce