On Friday, March 19, 2004, at 01:34PM, Peter Tomlinson <[EMAIL PROTECTED]> wrote:
>Bernhard, > >Direct input of PIN to the Javacard? How? PIN pad actually on the card? >Biometric sensor on the card? Or secure extensions to card readers to allow >input? I just do not understand the architecture of what you are trying to >do. A biometric sensor on the card is not in the range of this specification as I don't know anything about Biometric sensors for smart cards. But it could be added, of course. The idea is to create a specification for a security token that may support CLC and offers some kind of input device on the token itself. Trusting a card reader always means your're expecting the card reader to be tamper proof. I don't think that's a good idea. The secure input device should be on the token you're carrying with you. Imagine a combination lock on a USB stick, for example. That's a very straightforward and convenient form to enter a PIN everybody understands from using mechanical combination locks. It should be inexpensive to build something like that into a USB stick. The USB stick could have to caps: A covered combination lock on one side, the USB connector on the other side. --- > Visit the OpenCard web site at http://www.opencard.org/ for more > information on OpenCard---binaries, source code, documents. > This list is being archived at http://www.opencard.org/archive/opencard/ ! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email ! to ! [EMAIL PROTECTED] ! containing the word ! unsubscribe ! in the body.