Trust1team - Published on : 19/10/2022 - Last update : 26/07/2023
Hello Dear Reader !
Welcome to the Trust1Connector solution evolution, corrections, modifications blog!
Here we discuss what's new in the version 3.7.0
In this blog, you will find a summary of the new features of this major new version. Then in a second part, you will have more information on resolved issues.
Finally, we will talk about what's new in future releases of the Trust1Connector.
Enjoy reading !
Overview of the newly added features
Here is a summary of all the changes made on the Trust1Connector
✅ Private Network Access
Private Network Access is a new CORS draft. Which prevents remote servers to contact local instances without any extra checks. Chrome has already implemented this draft in a non-blocking manner, the implemenation of chrome is to send 2 pre-flight requests. One which is the normal pre-flight and another one where the PNA implementation has been done.At this point the pre-flight for the PNA implementation is non-blocking meaning that if the pre-flight fails it will not block the request.When the PNA Cors draft is final this will become blocking.In this release we've already started adding some required components to support this in an upcoming release.
✅ Sync log files with DS
In this release we've implemented a feature where the Connector will send it's log files towards the DS. This is so that support desks can easily get the log files of the device which is requesting support.
✅ HTTP verify response signature
We've added a feature where you can run the Connector in regualr HTTP mode. To still be secure we've added a signature field to the responses which can be verified to not be tampered with at the client's side. This verification is implemented in the JS SDK.
Overview of resolved bugs
🔺Mutex
The API and Registry use a feature called Mutexes to have data that can be shared over multiple OS threads. Using this is necessary for some functionality. In previous versions when you have a Shared environment (citrix for example) you could make the API and Registry get into what's called a Deadlock. This caused the Mutex to never be unlocked for use by another OS thread. Causing the connector to be blocked completely. This has now been solved and has been tested on instances of 1000 concurrent devices.
🔺System time out of sync
We had a user which Operating system had a custom date set (not synced) which caused issues with DS communication. The DS communication also checks wether the time of request is not in the future or in the past (with some slack ofcourse). So if you use the Connector with a custom date you will not be able to contact the DS because it requires a request within a correct time-zone.If this is not the case it could be that a malicious user is trying to exploit the DS at which point the DS refuses the request. The issue was that this caused the Connector to crash.This has been solved so that the Connector does not crash.System time must be correct, otherwise DS communication can not be done (secrity issue)
What's planned for the next releases ?
TO CHANGE
For future releases, we plan to integrate the following elements :
Tokens :
Implementation of the Chambersign module
Implementation of the Certigna module
Implementation of the Certinomis module
Implementation of the CertEurope module
New features :
T1C Test emulator : Trust1Connector will give partners the opportunity to develop/integrate each card, without the need for a reference card.
T1C smaller package size : Trust1Team's R&D seeks to reduce packet size to avoid overloading its partners' disk space.
New support :
Windows Mini-Driver : In a future release, the Trust1Connector will have an additional option using the Windows mini driver.
Debian and Ubuntu : The both editions of Linux will be included in the Trust1Connector.
If you need more information about our authentication solution, get in touch and we will be happy to help you secure your data.