Am Montag 19 April 2010 16:57:35 schrieb Jan Just Keijser: > Note: there is no absolutely secure method to establish a connection > between a card on a remote machine and the CA . Period.
I think that is wrong. some smart card protocols work like that: step 1: ask card for some serial number (or given number) step 2: start encrypted communication using a key known to you and stored on the card when it was initialised. of course the protocol started with step 2 needs to be secure against replay attacks and so on, but I guess there are well known protocols that can be implemented right away. I'm no expert on this, but I see no reason why encrypted secure communication with a card needs more than a one time minimal initialisation (e.g. writing a number and a key to the card). Regards, Andreas _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
