Jean-Michel Pouré - GOOZE wrote: > On Mon, 2010-04-19 at 06:51 +0200, Anders Rundgren wrote: >> I'm still quite uncertain on what to emulate in order to get a >> middleware-free token. CCID yes, but above that level things >> looks much more unclear. > > Before working on a new token, we recommend that you use OpenSC and > learn about X.509 standards and authentication tools. There is no need > to reinvent the wheel if everything is already there.
I work with X.509 on a daily basis so that's not a problem. Using OpenSC may be the solution but I still have to investigate alternatives such as emulating PIV/FIPS201 tokens since (as the subject line alludes) I'm interested getting away from middleware. That every EU eID card needs some specific feature in some of the layers is an indication that at least PKCS #15 is unlikely to be the "my" way. Regarding what is ready and what's not, it is entirely clear that card initialization is NOT READY for mass-market adoption. OpenSC does currently not support end-to-end security initialization so IMO it is not suitable as is and I also believe that the symmetric key card solutions that you can buy are useless on the Internet. > Kind regards, U2! Anders _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
