This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
I am writing a simple project on digital signatures implementation using JAVA Technology. The following is the planned steps for implementation of my project
1. web design(form+attachments)
2.we should able to sign HTML form + attachment by a user digital certificate/digital signatura.
3.server should verify the digital certificate/signature.
4.server should send acknowledgement to user
5.adminstrator should be able to view the verified /siginde document+form
by using LA server/Ldap server/java server
Expecting your valuable suggestions
Thanks in advance
What do you mean by "signing an HTML form + attachment"? Signing the HTML file? Submitting the form over a secure channel? Something else?
More generally: What is the security objective you're trying to achieve by all of this? What are you trying to guard, and what are you trying to guard against?
Joined: Mar 28, 2010
Surely i want submitting a form data over a secure chaanel,
My objective is to submitting my form data signed with a digital signatur ,who provides facility to identify the form submitter>. and my server can verify the digital signature and give a acknowledagement to user.
in more generally::
Joined: Mar 22, 2005
HTML forms have no concept of using a digital signature. But I think TLS/SSL can be set up to require a client certificate.
Can you guarantee that all users who wish to access the web app will have a personal certificate? Because most likely the web app won't be so special that users will go out and get one just to be able to use it.
Joined: Mar 28, 2010
I sure my web apps client have a certificate, how can i sign their form field and their attachement with user certificate and send back acknowledage to user. how can i set upTLS/SSL to require a client certificate.
can i m able able to setup my web app to sign clients form data with client certificate by using LDAP server!!!