On Tuesday 10 February 2009 20:38:30 Douglas E. Engert wrote: > I have some more basic questions of the people in this discussion. > > Have any of you met face to face?
Did not met anyone. > > What are your motives in getting involved in OpenSC? > I began with this mission: >From my public page [1]: """Hardware cryptography (Smartcards) support is missing in open source community, mainly because there is no consensual standard regarding how to access these hardwares. RSA Security published PKCS#11 standard, which addresses exactly this issue. However only few open source projects implemented PKCS#11 support. The lack of hardware cryptography support is mainly a result of a conceptual dispute between Muscle, OpenSC, GnuPG and OpenSSL projects. Each believes that it is the most appropriate standard. The result is known to everyone - No proper hardware cryptography support is available in open source. Muscle and OpenSC provide PKCS#11 provider, although not the mainline interface, can be used in standard environments. My mission is to integrate PKCS#11 support in as many major open source projects as I can.""" So I modified OpenVPN, OpenSSH, QCA, GnuPG, eCryptfs to use PKCS#11. Then I wanted to improve the free open source implementation that looks the most premising, OpenSC. I found out that the OpenSC provider did not work for almost any of my configuration, so I made it work. Then I found out that pcsc-lite has issues which are at its core, so I switched to OpenCT and improved it as well. > > Are you working for companies that need smart card support? > No. I helped several large IT enterprises to implement full scale PKI projects. I've examined many vendors... The ones who understand the standards and the spirit of the standards, the ones who understand the standards and the ones who do not. At the open source world there is no competing solution (not event close!), so I thought I can help out beginning with applications and then in the implementation of a provider. I truly think that as we have a good open source operating system, web server, database and so on, we need to have a good free open source hardware cryptography available to users. > > Are you consultants that make a living off OpenSC? > Nope. I don't think it is ready. > > Are you hobbyists that just want to contribute? > Yes, although I did discuss Andreas of optional donate model for OpenSC so we can improve it. I estimate there is 1 man year gap to reach into a good enough solution. Alon [1] http://alon.barlev.googlepages.com/open-source _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
