On Apr 19, 2010, at 10:55 , Anders Rundgren wrote: > Regarding what is ready and what's not, it is entirely clear that > card initialization is NOT READY for mass-market adoption. OpenSC > does currently not support end-to-end security initialization so IMO > it is not suitable as is and I also believe that the symmetric key > card solutions that you can buy are useless on the Internet. What your comments imply is that there is a need for the <keygen> style enrollment in the first place. IMHO, there are two target groups for smart cards:
a) centralized - like eID rollouts, where the actual RA has requirements other than purely technical b) "home user" - like people using pkcs15-init to store "their" keys a) has already solutions that work and don't really depend on what is available on the "edge" of the network (client computers) for initialization part b) works with whatever is possible with the card at hand, like OpenSC. -- Martin Paljak http://martin.paljak.pri.ee +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
