[SmartcardServices-Users] Italian social services smartcard

Luca Accomazzi misterakko at gmail.com
Sun Aug 7 12:00:41 PDT 2016


First, a bit of context.

I hold a doctorate on computer science, and it’s possibile that I’ve been using Apple computers since before you were born (this is a picture of the first original software package I bought: https://cuoredimela.accomazzi.it/images/1-software-per-apple-ii.jpg) but I know next to nothing about smartcards (even if I am familiar with DH theorem, keys, certificates, yadda-yadda).

Now for the problem. All Italian citizens are issues one of these smartcards:
http://www.migrando.it/UserFiles/Image/News/454_sanitatesserasanitaria.jpg
we normally use them at the doctor’s and inside hospitals to be identified and to get appointments.

For my next book, I’m trying to understand how it might be possible to use Macs to access some social services that a few Italian regions and the national administration are supposed to offer to their citizens via those things. Most administrations here ignore Mac users, all official websites but one do not offer instructions for macOS, the one that does suggests an incredibly byzantine procedure mandating the use of Firefox and last updated during Mavericks’s lifetime.

For example, I’m supposed to be able to go here
https://telematicisc.agenziaentrate.gov.it/ClientReg/Abilitazione/AbilitaSmartCardVerifica.do
do a first access using my card and a PIN I’ve been issued, then go here
https://telematicisc.agenziaentrate.gov.it/ClientAuth/Login
and pay my taxes or ask for refunds.

I’ve been googling the issue for the last couple of days and nobody here seems to make head or tails of this. I could only find a document saying that the card contains an X.509 certificate, RSA 1024 bit public-private keys and a few other personal identification informations.
My dream is to be able to take the darn private key from my card (I do have a reader at hand, it’s an ACR38 from these guys: http://www.acs.com.hk/en/driver/4/acr38-smart-card-reader/) , save it in the Keychain and forget about the smartcard. If I were asked to engineer a security system I would not allow copying the private key, though, so I realize this is likely impossible.

Help please (and I probably left of quite a few important details, so ask me anything).

Thanks in advance,
Luca 


More information about the SmartcardServices-Users mailing list