Peter Stuge wrote: > Anders Rundgren wrote: >>> I like the PKCS#11 over USB idea! > .. >>> trivial to provide a single portable PKCS#11 driver >> Pardon my ignorance, but I have not a clue what you mean with >> "PKCS #11 over USB" and "single driver" because there is no card >> that exhibit a PKCS #11 API. >> >> Could you elaborate a bit on this? > > The idea is to make it. It should be really straightforward, and > useful if the token you want to design is centered around PKCS#11 > operations.
Then we are *exactly* on the same page, we need NEW tokens! /anders > > As for single driver, that's a program which could rely completely > on libusb for hardware communication (WinMacLinuxFBSD, maybe Solaris) > and provide what would probably be really thin PKCS#11 wrapper on top > of USB calls to the outside world. > > Basically remove the whole lot of APDUs, T=0/T=1, CCID and PC/SC, > and talk PKCS#11 nearly directly with hardware. > > No - it doesn't solve any of the other issues you raise, but for > compatibility with deployment and personalisation software stacks the > device could also be CCID compliant, at the same time. > > The point with PKCS#11/USB is that the device driver would be the > PKCS#11 provider, and that device driver could be written in a short > time, and run on lots of systems. > > > //Peter > _______________________________________________ > opensc-devel mailing list > [email protected] > http://www.opensc-project.org/mailman/listinfo/opensc-devel > _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
