How to digitally sign an xml document through a client browser?

Question

How to digitally sign an xml document through a client browser?

When I visit a site that requires a client-side certificate, the browser automatically opens a pop-up window asking which personal certificate I would like to use to connect.

Is there a similar provision for signing an xml document using HTML5 or Flash? Otherwise (installing the application on the client machine) is the Java applet the only way to cross-browser?

+4

cross-browser xml client-side digital-signature x509certificate

Rômulo ceccon Feb 23 '11 at 14:41

source share

1 answer

Eugene Mayevski 'Allied Bits · Accepted Answer · 2011-02-23T15:27:04+0000

At the moment, you need to create your own client module, which will somehow request a document (or just a document hash) from the site, sign it and send it back to the server. The problem (in addition to writing your own module) ensures that the user signs what he sees, and not the data that any MITM attacker clicked on the client.

We are currently completing our solution for distributed signing of various data using a set of reusable client module. This solution will be available in May as part of version 9 of our SecureBlackbox product.

Update: SecureBlackbox 9 beta is available and includes distributed signature modules.

How to digitally sign an xml document through a client browser?

More articles: