--On Thursday, January 22, 2009 02:57:10 PM +0200 Alon Bar-Lev <alon.bar...@gmail.com> wrote:
> On 1/22/09, Stanislav Brabec <sbra...@suse.cz> wrote: >> Alon Bar-Lev wrote: >> > On 1/21/09, Stanislav Brabec <sbra...@suse.cz> wrote: >> Yes, udev supports it as well. But most vendors prefer HAL for this >> purpose nowadays. > > vendors? You mean Novell, right? Most of the major Linuxes, both commercial and otherwise. I believe Sun is also going down this path. >> My current intention was: >> - Define HAL standard keywords for smart card readers (and maybe for >> their features). >> - Identify all Smart Cards by HAL. > > Smartcards or readers? > I guess you mean smartcard. Yeah, see, that's the problem. The OP is still conflating readers and cards, probably because he's spending two much time with hardware in which the two are inseparable. The proposed HAL configuration is centered around detecting readers, which is not entirely inappropriate, but the use cases are all about doing things when a _card_ appears. Things that appear on USB busses are _not_ smartcards, _ever_. Smartcards appear _only_ in readers, which means that applications which wish to do something when a smartcard appears need only watch pcscd (or openct) and take action when a card appears. It doesn't need to know about HAL, and HAL doesn't need to know about smartcards, because there is _already_ an appropriate abstraction here. >> - And finally move pcscd hotplug from udev to hal. With a bit of >> configuration, it may support serial port readers. > > I think it is already implemented using hal. One of the reasons why I > turned to openct. Yes, pcscd supports using HAL to detect hotplugging of USB devices. It also supports using libusb directly, so not wanting to use HAL is not a reason to abandon pcsc-lite. Please, come back. :-) >> Smart card token is just unplugged => save and kill the session, logout > > And if you have two plugged in? > The pam_pkcs11 has a simple process that takes care of this without > any complex configurations. I have to agree here -- automatic logout needs to be tied to the particular card used to log in, if any. I perform tasks fairly frequently in which I insert a card for a short time, to authenticate to some service, and then remove it when I'm done using the service. > I am truly sorry... But I don't see the benefit. For me, it actually comes down to this. Leaving all other issues aside, the real question is what are the actual use cases that will benefit? -- Jeff _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
