Browser Plug-in Workflow

We are in the process of developing the eID Browser Plug-in. This will be divided into two parts, one plug-in and the second underlying application, which will do the real work.

We just discussed about the basic workflow of messages/actions in the browser plugin. I’ll just summerise what we have decided on.

Starts with the browser plug-in in the user’s browser.

  • Browser page detected – using some tags or some other method
  • Get the signed policy file from the Relying Party
  • Get user acceptance to the policy
  • Pass it down to the application

Now the underlying application will take control.

  • Application access the eID card (Smart Card/USB)
  • Do signing and encryption as needed
  • Policy need to be signed by the user to ensure acceptance
  • Send to Web Service

Now the ball in the court of WS. It does whatever it need to do and it will reply to the application. Application gets control again.

  • Analyse the received reply
  • Send back the reply to the browser plug-in

Control back to the plug-in. Send the reply back to the Relying Party website, and the user continues to do this stuff at the site.

This might be a long list but this need to happen within about a 15-30 seconds, and I think Shayanthan and Ramanan will make sure this works. Will keep updated one more soon.

Filed under Articles, News