>> The eToken is basically a smartcard that plugs into USB.
> I still don't really understand the difference apart from it containing
> a key that I match against. Which is in essence what I was asking to
> do with a USB block device which looks much cheaper than the eToken.
Typically, the difference is that it's not just a key you can read, but
instead the key is kept hidden inside the smartcard and you can only ask
the smartcard to use the key.
Think of it this way: you can ask the smartcard to decrypt some
encrypted data you provide, and if it succeeds, it proves to you that it
knows the secret key. But you can't directly read the secret key, which
means you can't easily copy the smartcard.
Real smartcards probably don't work the way I described, but I hope it
gives you some idea of how a smartcard can be different from a plain USB
mass storage holding a secret key.
Stefan
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/jwvipxuyd94.fsf-monnier+gmane.linux.debian.u...@gnu.org
