Douglas E. Engert wrote:
NIST 800-73-1 is going to drop the requirement for pin protected
certificates
on the PIV cards. This was the single biggest complaint. This change
makes this
the default, but does allow for continued testing with current cards
that do
enforce the 800-73 requirement of pin protected certs by adding flags=10 to
the card_atr section in the opensc.conf file. Eventially this code could be
removed in some future release.
How difficult would it be to auto detect whether or not the
cert is protected ? Btw: how many cards with a protected
certificate has been issued ? If none I guess we could ignore
them completely.
Cheers,
Nils
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
