Smart Card Authentication with ASP.NET

Here is an interesting link that I found on implementing Smart Card Authentication with ASP.NET –


Smart Card Infrastructure Whitepaper Published

The Smart Card Infrastructure White paper has been published on the download center –  This paper has detailed information on Windows Smart Card Infrastrucure.  Feel free to use this blog to send in your comments, suggestions and enhancements.


Smart Card MiniDrivers and Reader Drivers

Summary list of information related to Smart Card Readers and Card Mini-Drivers  Smart Card Mini-Driver Specification: Certification Requirements: List of Mini-Drivers available on Windows Update: CardMod.h – header file download: API on MSDN: Windows Smart Card Framework Presentation (educational): Smart Card Readers: PC/SC Standards support and Windows Logo for Smart Card…


Smart Card Credential Providers

Vista ships with “Password” and “Smart Card” Credential Providers.  Some vendors are interested in writing custom credential providers.  Check out for latest and up-to-date information on how to write Credential Providers.  Credential Provider Samples are available here:  For comments or questions about these samples, please contact If you are writing a custom…


PC/SC Standards support and Windows Logo for Smart Card Readers and Drivers

Windows (upto and including Vista) supports only PC/SC v1.0.  As a part of Windows Vista, there is a standard USB-CCID class driver in-box.  This means that any USB Smart Card reader which is USB-CCID compliant, will not need any additional drivers – they just work when plugged in.  To get a Windows Logo for the…


Turning on S/MIME (Digital Signature/Encryption) in Outlook 2007

Digital Signature and Encryption can use Smart Card based Certificates in Outlook.  In Office 2007, Select “Tools” à “Trust Center” à “Email Security” See the attached image for configuration.   If you have had an email change from to and so the email address is different on your certificate compared to your exchange information….


Smart Card Logon on Windows Vista

Differences in Vista Smart card logon under Windows Vista has changed in several key aspects.  The primary differences are highlighted below: ·         Logon is no longer triggered to smart card insertion.  Users are required to press Cntrl+Alt+Del (CAD) to start the logon process ·         Valid certificates are enumerated and displayed from all smartcards and presented…


Smart Card Tools and debugging

CertUtil is a tool available on Windows Vista and Windows 2003 Server Admin Pack CertUtil (tool available on Vista and W2K3 Admin pack) Listing Certificates available on the card: Command to list Certificates available on the Smart Card: certutil –scinfo Entering PIN is not required for this operation.  Hitting Escape at each PIN dialog will work…


Smart Card Resource Manager Service

The Smart Card Resource Manager (SCRM) provides the basic infrastructure that all other smart card components.  It manages smart card readers on the system and application interactions.  It is fully PC/SC 1.0 compliant.   The smart card resource manager is implemented as a shared service living in an svchost process.  It runs in the context…


Smart Card related Group Policy Settings in Vista

The following table illustrates the Group Policy Settings that can be used on a per-machine basis.  There are no settings on a per user basis.  Some of these settings can be applied only to a Vista level functional domain – for example Domain Hints.  All of the keys are located under \Policies\Microsoft\Windows\SmartCardCredentialProvider and \Policies\Microsoft\Windows\CertProp hierarchy….