Using the W3C WebCrypto API for Document Signing
In this paper, the authors focus on digitally signing documents as a specific use case for making secure hardware available to a web application. They explore the current options available to implementers and the drawbacks associated with each option. Then they look at the emerging web cryptography API developed by the W3C and discover missing functionality needed to implement this use case. Finally, they suggest a way to extend the API in order to support digitally signing documents using secure hardware.
Subscribe to the Cybersecurity Insider Newsletter
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays