On May 19, 2010, at 11:38 , Alon Bar-Lev wrote: > For a security product, I don't think it is wise to have default of > none secure behavior, especially such that allows everyone to use the > private objects once authenticated.
The card maintains the final authentication/authorization requirements. There are keys like signature keys which require a PIN verification before each and every operation and there are keys that work as long as they are once activated. With such a locking behavior it would make sense to build a direct PKCS#11 -> CCID usb stack instead. -- Martin Paljak http://martin.paljak.pri.ee +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
