Signature with Smart Card for Mac:
first solution comes from Italy
Signature is a strong need for people working in the enterprise
and small busines enviroment since more and more Public Administrations,
as for Italy, are asking to "digitally sign" the documents
to be sent in order to validate the trasmission of critical data
for tax purposes, administrative tasks and "secure" transactions
between the companies, the individuals and the central o peripheral
The Mac platform hadn't, until today, an hardware/softare solution
to comply with the requests of data secured by a Digital Card reader
(like IPM) that was first conceived for Windows and a serial connection:
all the new Macs have USB ports and you had to buy an adapter to
connect to the card reader, but hardware was the minor problem:
(in the last month several USB devices has surfaced in the market)
if you hadn't the right software to talk with the card you were
out of luck and even if the the Italian chief office of Infocamere
stated that digital signature procedures for registering companies
would obtain a "cross platform" status by the end of 2002
the result would be impossibile to achieve without the collaboration
of Apple Italy ad the efforts of good develepers.
Let's talk about it with Matteo Centro of altEra,
Apple's partner in this case, who succeded in the software development
that allows Mac owners to sign, with a Smart Card, their digital
- Matteo, how did it started? How altEra was involved in
altEra's core business is developing web applications, we use Apple's
WebObjects for most projects.
We are also partners with Apple Services for consulting and Training
on WebObjects, so we are in very close contact with Apple Italy.
People in altEra have strong unix and cryptography skills, so Apple
thought we were the right people.
- The main problems in setting up a solution were related
on hardware or software?
Well, mostly in software, a smart card is... "smart":
it has firmware on board and every card type has its own.
To be able to communicate with the card we need a library that has
to be provided by the card manufacturer.
Unfortunately card manufacturers provide libraries only for the
In this case, Infocamere (the CA) asked Incard (the card manufacturer)
to port their PKCS#11 library to the MacOS X Platform.
- The hardware side: how many models of smart card readers
can you use now, and in the future?
I have to point out that you don't just walk out and buy a smart
card reader, so it wasn't very easy to test the readers.
In theory we can use any PC/SC compliant USB reader that has a driver
for OSX. For the moment we are using Gemplus GemPC430 with an open
Do you have a long term experience in Apple or Unix programming?
Yes, some of us develop on Mac since 1986 and we are all unix fans,
so OSX is our dream operating system!- Are you working on a Unix
port based on Mac OS X experience?
Not at the moment, we are evaluating the possibilities.
Will it be easy to port the solution for other Italians (and/or
abroad) administrive offices' requests?
As long as there are PKCS#11 libraries available for a specific
card, we will be able to support it.
- Your solution can be acquired by other companies for writing
software that manages smart card?
That is our goal in the second phase of this project: we are writing
a library that other developers can use to implement digital signatures
in their applications.- How Apple Italy helped you?
We are in close contact with Apple Italy, they "officialized"
our effort and they supported us while dealing with Infocamere and
other CAs. We are also speaking with Apple Worldwide in Cupertino
for a broader integration of digital signature with OSX's CDSA.
- Mac Platform and you: what are the reasons for developing
in a mixed consumer-Gui/Unix-engine operative system like Mac OS
It's simply the best OS I have ever seen, the development environment
is really powerful and we have a lot of open source software available.
first version of the application will be shown on september, 26
in a special meeting with Infocamere, altEra and Apple Italy.
A beta version of the software should be available at the end of
the Italian Version
of these page - go to MacityNet