Massimiliano Pala wrote:
>
> Robert Hannemann wrote:
> [...]
> > and Massimiliano did you test the CHIP DRIVE ?
> > Do you plan implementing of smartcard support in the near future ?
>
> Well, I have tested the CHIP DRIVE and seems to work fine. The problem, now,
> is supporting the different cards. The smartSign tool from kefren do work
> under Linux but it is quite old, right now, and needs updating.
>
> I hope I can work on Smart Cards in the near future as there are still some
> open issues I wish to work on before coding for SC ( OpenCA new release,
> OCSP, SCEP, etc... ).
Smartcards are still supported on the clientside via Win XYZ
(95/98/NT/2000/Me/XP). So the clientside is not the problem of OpenCA.
The more problematical thing is the serverside keyhandling. The
OpenSSL-Engine comes with support of some hardware crypto modules
(sometimes called HSM - Hardware Security Module) but I don't know how
to integrate the engine into the normal ca and x509 commands. If
somebody knows what we have to do - perhaps some options to ./configure
during configuring OpenSSL - then you can have all private keys in
hardware if you are using OpenCA.
Regards Michael
------------------------------------------------------------------------------
Michael Bell Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Email (work):
[EMAIL PROTECTED]
Unter den Linden 6 Tel.(work): +49 (0)30-2093 2482
10099 Berlin
Germany [OpenCA Core
Developer]
http://openca.sourceforge.net
S/MIME Cryptographic Signature
