Jan Just Keijser wrote:
BTW, that should work in a similar way with OpenSC and the loading of opensc-pkcs11.so, at least that's what I'm doing on my personal PC.Right now I've got it boiled down to- install a single RPM (for RHEL4, Fedora Core 5/6, OpenSuSE 10.x) or install one or two .deb packages on Debian or Ubuntu - follow instructions on how to add the libetpkcs11.so module to Firefox and/or Thunderbirdthis seems to work quite well, and if you throw in enough screenshots all users can load the library without too many problems.
if a "fully-opensc" solution would work with the etokens that we have then that would be fine with me. Compatibility with the Aladdin RTE software would be a huge bonus but if the opensc solution works better then I am sure that I convince our users to re-initialize their tokens.I'm afraid, but this isn't going to happen in the near future...so it's an option explored...
However, before a fully-opensc solution works I would have to make sure that- initializing our etokens works,
I think this is something which is going to be fixed now.
including setting of a non-default SOPIN - generating and storing X509 certificates works
Should work too.
- integration with apps like Firefox, thunderbird, OpenVPN, Openssh/GSISSH, PuTTY etc works on all platforms (linux+windows+macos).
Should work too.
- the script that I have created to generate short-lived proxy certificates also works as well as it does now.Only then would the opensc-solution be a viable alternative. Unfortunately, we're quite a way off from that situation :-(
Not so far away maybe.
regards, Jan Just Keijser System Integrator Nikhef / Amsterdam
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Phone: +1.213.341.0390
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
