Restrict browser plugin usage to specific servers?

Question

For a new banking application we are currently discussing the details of a browser plugin installed on client PCs for accessing smartcard readers.

A question that came up was: Is there a way to restrict the usage of this plugin to a specified list of domains? It should prevent any third-party-site to use the plugin just by serving some <embed/object>-Tag.

The solution should be basically browser-independent. It may include cryptography if neccessary, but should only result in moderate implementation overhead in the plugin code.

Ideas, anyone?

---

I know there exists a MS solution called SiteLock, but that's only IE.

Answer 1

You could hard code the list of authorized domains into the plugin itself.

Alternatively, you could expose a web service which will deliver a list of authorized domains. The plugin could make a call to your web service when instantiated to determine whether it can be started or not.

Answer 2

We came up with this idea: (described for one server)

The plugin carries a public key A. The plugin creator issues a certificate to the server's public key B. The server starts the plugin within a HTML-page and provides these parameters:

• several allication sepcific parameters
• the certificate
• a digital signature

Then the plugin will start and first of all perform these checks:

• verify the certificate with the public key delivered within the plugin
• verify the signature with the public key from the certificate
• if verification was OK then proceed, else terminate.