StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>It is not possible to use the user's private key on the Server. This would effectively nullify the benefits of using a Smart Card. In fact, security operations will be performed ON the Smart Card.</p> <blockquote> <h1>Strategy for Supporting Smart Cards</h1> <p>Microsoft views smart cards as a key component of its Public Key Infrastructure (PKI) support. Smart cards enhance software-only solutions, such as client authentication, interactive logon, and secure e-mail. Smart cards are a point of convergence for public-key certificates and associated keys because they:</p> <ul> <li>Provide tamper-resistant storage for protecting private keys and other forms of personal information.</li> <li>Isolate security-critical computations involving authentication, digital signatures, and key exchanges from other parts of the system.</li> <li>Enable portability of credentials and other private information between computers at work, at home, or for mobile users.</li> </ul> </blockquote> <p>Source: <a href="http://technet.microsoft.com/en-us/library/dd277376.aspx" rel="nofollow">Smart Card Concepts</a></p> <p>As you can see, one key aspect is to isolate security critical operations from the rest of the system. The only way to perform encryption with the user's private key is to use the Smart Card reader (the hardware itself). Since there's no way to access the client's hardware from a server side ASP.NET webpage what you try to do isn't possible. </p> <p>The only way to achieve this is to use a client side component. </p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload