iPad OS 15 Safari Extension Support

[WMRamadan]

As of iPad OS 15 release, Safari for iPad/iOS now supports extensions.

Will the Safari Extension be ported over to iPad/iOS Safari Extensions?

[metsma]

For now seems like iOS does not support native messaging in web extensions which is critical for communicating smart card https://developer.apple.com/documentation/safariservices/sfsafariapplication/2823941-dispatchmessagewithname?language=objc

[WMRamadan]

For now seems like iOS does not support native messaging in web extensions which is critical for communicating smart card https://developer.apple.com/documentation/safariservices/sfsafariapplication/2823941-dispatchmessagewithname?language=objc

Should this then be done from the digidoc app, where the certificate is loaded by the app then whatever website requires the authentication it can be authenticated from that saved certificate?

I believe a similar workflow is done on https://pivkey.com/ which works by reading the certificate from a smart card reader and saves it on device then asks for a PIN when authenticating with the website.

If this is possible, would it represent any security concerns?

This is already done by the following utilities: https://www.youtube.com/watch?v=m2Ox573Zk1M https://www.youtube.com/watch?v=gmxsk0AaOSE

[metsma]

Seems like this is not using web extension. Instead there is now api to provide identity maybe through keychain. It is similar to desktop how TLS authentication works.

[WMRamadan]

Seems like this is not using web extension. Instead there is now api to provide identity maybe through keychain. It is similar to desktop how TLS authentication works.

I'm not sure on the implementation details, but I believe this proves that smart-card authentication is possible in Safari on iOS/iPadOS Devices.

Should I open this issue in https://github.com/open-eid/MOPP-iOS as it would be more relevant to the digidoc app?

[kristelmerilain]

Please open this issue in https://github.com/open-eid/MOPP-iOS.