I'm interesting in exploring possibility to authenticate user using their Digital Certificate.
The methodology is to first register the DSC from the user and keep their Public key along with Serial No. and Name etc. Later when user selects the same DSC at login page then encrypt some data from their private key and transfer the same over internet to Web application and decrypt using their registered public key (identifying the public key using serial no and name). The PC can then be authorized for certain period using cookies.
Please guide.
Aucun commentaire:
Enregistrer un commentaire