MacityNet ||| MacProf | Usato ||

Digital Signature with Smart Card for Mac:
the first solution comes from Italy
by Settimio Perlini

Digital Signature is a strong need for people working in the enterprise and small busines enviroment since more and more Public Administrations, as for Italy, are asking to "digitally sign" the documents to be sent in order to validate the trasmission of critical data for tax purposes, administrative tasks and "secure" transactions between the companies, the individuals and the central o peripheral federal offices.

The Mac platform hadn't, until today, an hardware/softare solution to comply with the requests of data secured by a Digital Card reader (like IPM) that was first conceived for Windows and a serial connection: all the new Macs have USB ports and you had to buy an adapter to connect to the card reader, but hardware was the minor problem: (in the last month several USB devices has surfaced in the market) if you hadn't the right software to talk with the card you were out of luck and even if the the Italian chief office of Infocamere stated that digital signature procedures for registering companies would obtain a "cross platform" status by the end of 2002 the result would be impossibile to achieve without the collaboration of Apple Italy ad the efforts of good develepers.

Let's talk about it with Matteo Centro of altEra, Apple's partner in this case, who succeded in the software development that allows Mac owners to sign, with a Smart Card, their digital documents.

- Matteo, how did it started? How altEra was involved in the project?
altEra's core business is developing web applications, we use Apple's WebObjects for most projects.
We are also partners with Apple Services for consulting and Training on WebObjects, so we are in very close contact with Apple Italy.
People in altEra have strong unix and cryptography skills, so Apple thought we were the right people.

- The main problems in setting up a solution were related on hardware or software?
Well, mostly in software, a smart card is... "smart": it has firmware on board and every card type has its own.
To be able to communicate with the card we need a library that has to be provided by the card manufacturer.
Unfortunately card manufacturers provide libraries only for the Windows platform.
In this case, Infocamere (the CA) asked Incard (the card manufacturer) to port their PKCS#11 library to the MacOS X Platform.

- The hardware side: how many models of smart card readers can you use now, and in the future?
I have to point out that you don't just walk out and buy a smart card reader, so it wasn't very easy to test the readers.
In theory we can use any PC/SC compliant USB reader that has a driver for OSX. For the moment we are using Gemplus GemPC430 with an open source driver.

- Do you have a long term experience in Apple or Unix programming?
Yes, some of us develop on Mac since 1986 and we are all unix fans, so OSX is our dream operating system!- Are you working on a Unix port based on Mac OS X experience?
Not at the moment, we are evaluating the possibilities.

- Will it be easy to port the solution for other Italians (and/or abroad) administrive offices' requests?
As long as there are PKCS#11 libraries available for a specific card, we will be able to support it.

- Your solution can be acquired by other companies for writing software that manages smart card?
That is our goal in the second phase of this project: we are writing a library that other developers can use to implement digital signatures in their applications.- How Apple Italy helped you?
We are in close contact with Apple Italy, they "officialized" our effort and they supported us while dealing with Infocamere and other CAs. We are also speaking with Apple Worldwide in Cupertino for a broader integration of digital signature with OSX's CDSA.

- Mac Platform and you: what are the reasons for developing in a mixed consumer-Gui/Unix-engine operative system like Mac OS X?
It's simply the best OS I have ever seen, the development environment is really powerful and we have a lot of open source software available.

The first version of the application will be shown on september, 26 in a special meeting with Infocamere, altEra and Apple Italy. A beta version of the software should be available at the end of September 2002.

See the Italian Version of these page - go to MacityNet main page