Jean-Michel Pouré - GOOZE wrote: When several applications share access to the card, somehow the PIN is blocked.
I don't think that's what you mean. "PIN is blocked" is a precise term used by smart card people, it means the card is no longer usable because it has detected an attempted intrusion and shut itself down. I think what you mean is that app no. 2 is unable to access the card because app no. 1 is using it, and when app no. 1 is done, app no. 2 can proceed. Correct? Someone mentioned this is a restriction in pkcs11, but it's really more of a card policy issue in my opinion. The idea is that if app no. 1 has submitted a PIN but app no. 2 has not, then app no. 2 should not have access to crypto ops requiring a PIN. And since pkcs11 has no way to know which ops might require a PIN, it blocks everything from app no. 2. This may not be the security model you prefer but it's what we're stuck with. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
