At 09:38 AM 12/16/2003 -0500, Ian Grigg wrote:
In the late nineties, the smart card world worked out that each smart card was so expensive, it would only work if the issuer could do multiple apps on each card. That is, if they could share the cost with different uses (or users).
Of course, at this point the assertion that a smart card (that doesn't also have independent user I/O) costs enough to care about is pretty bogus. Dumb smartcards are cost-effective enough to use them to carry $5 in telephone minutes.
The real constraint is that you're unlikely to have more than one card reader in a machine, so multifunction cards provide the opportunity to run multiple applications without switching cards in and out, but that only works if the application vendors cooperate.
For instance, you may have some encrypted session application that needs to have your card stay in the machine during the session (e.g. VOIP, or secure login, SSH-like things, remote file system access), and you may want to pay for something using your bank smartcard during the session. That's not likely to work out, because the secure session software vendors are unlikely to have a relationship with your bank that lets both of them trust each other with their information, compared to the simpliciy of having multiple cards.
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
