Emanuele Pucciarelli wrote:
> Hi Anders,
> 
> I'm very interested in these matters too. (Thanks, Roberto, for
> starting the discussion here!)

Fine!

>>> Moreover, I'm rather curious about SM for digital signature outside
>>> Italy; is it used at all?
>> It is used by, for example, the Swedish government for citizens' on-line
>> tax declaration.
>> I believe 500 000 people used it this year.
> 
> I'm not sure I understand entirely; so the system uses a digital
> signature, but would you know if it uses secure messaging too?

They do not use SM.  If they did somebody would reverse engineer
the software and claim "victory" or something like that :-)

SM was probably designed for usage in certified terminals so that the card
wouldn't do anything interesting except in such a device.

>>> If yes, is it implemented in a similar fashion? (SM keys embedded in sw
>>> libraries?)
>> No, I don't think SM has reached out to citizen/consumer PCs for several
>> reasons, including an IMHO rather questionable security model.  Why would
>> the libraries be any more trustworthy than the rest of the computer?
> 
> Do I infer correctly that the system uses secure messaging, but
> client-side software is limited to relaying encoded APDUs that are
> generated/decoded by the server-side application?

You mean SKS/KeyGen2?

Yes, the client software is a semi-trusted proxy that does the heavy
lifting including XML encoding/decoding, networking, and GUI but it is
still a fully E2ES (End To End Secured) solution with user PIN setting
as the only exception.  If the proxy does not relay properly the
system will abort in one of the ends (SKS or issuer).
It is like Global Platform's SCP80 on steroids.

> As for your question: I agree entirely with your observation, as there
> is nothing making client-side libraries more trustworthy or able to
> shroud the SM keys, yet this is the model by which Italian qualified
> signatures are deemed compliant with CWA 14169.

In Scandinavia I think authentication is considered the most critical
operation (it can't be rolled back or repudiated) and this is (AFAIK) not
covered by EU regulations.

Regards
Anders

> 
> Thanks!
> 
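The semi-trusted proxy model Anders describes above, as an added example that is not part of this thread and not SKS/KeyGen2's own code: an issuer and an SKS share a session key (a constructed literal here; a real deployment would derive it by key agreement and the proxy never sees it), every command and response carries a MAC bound to its direction and a sequence number, and the client-side proxy only re-encodes and relays. HMAC-SHA256 over canonical JSON stands in for whatever wire protection KeyGen2 actually uses, the createKey command and the names Issuer, SKS and run_session are assumptions, and the PIN-setting exception is not modelled. The point it shows is the one made above: the proxy does the encoding and networking, but if it alters, replays or forges anything, one of the two ends aborts.

```python
import base64
import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Constructed shared session key for the demo. A real deployment would derive
# it from a key agreement between issuer and SKS; it is never given to the proxy.
SESSION_KEY = b"constructed-session-key-for-demo"


class AbortError(Exception):
    """Raised by either end when the end-to-end check fails."""


def _mac(key, direction, seq, payload):
    # The MAC binds direction, sequence number and the canonical payload encoding,
    # so the proxy may re-encode the message but cannot alter, reorder or reflect it.
    canonical = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, direction + seq.to_bytes(4, "big") + canonical,
                    hashlib.sha256).digest()


@dataclass
class Issuer:
    key: bytes
    seq: int = 0

    def protect(self, command):
        self.seq += 1
        return {"seq": self.seq, "cmd": command,
                "mac": _mac(self.key, b"cmd", self.seq, command)}

    def check_response(self, rsp):
        expected = _mac(self.key, b"rsp", rsp["seq"], {"status": rsp["status"]})
        if rsp["seq"] != self.seq or not hmac.compare_digest(rsp["mac"], expected):
            raise AbortError("issuer: response altered or mismatched")
        return rsp["status"]


@dataclass
class SKS:
    key: bytes
    last_seq: int = 0
    executed: list = field(default_factory=list)

    def process(self, msg):
        seq, command = msg["seq"], msg["cmd"]
        if seq <= self.last_seq:
            raise AbortError("sks: replayed or out-of-order command")
        if not hmac.compare_digest(msg["mac"], _mac(self.key, b"cmd", seq, command)):
            raise AbortError("sks: command altered in transit")
        self.last_seq = seq
        self.executed.append(command)
        return {"seq": seq, "status": "ok",
                "mac": _mac(self.key, b"rsp", seq, {"status": "ok"})}


def proxy_encode(msg):
    # Untrusted proxy work: wire encoding (base64 inside JSON, standing in for
    # the XML encoding), networking and GUI live here. No key is needed.
    return json.dumps(dict(msg, mac=base64.b64encode(msg["mac"]).decode()))


def proxy_decode(text):
    wire = json.loads(text)
    return dict(wire, mac=base64.b64decode(wire["mac"]))


def run_session(tamper_cmd=None, tamper_rsp=None, replay=False):
    """One issuer -> proxy -> SKS -> proxy -> issuer round trip.
    Returns "ok" or "aborted: <reason>" naming the end that refused."""
    issuer, sks = Issuer(SESSION_KEY), SKS(SESSION_KEY)
    cmd_text = proxy_encode(issuer.protect({"op": "createKey", "alg": "RSA", "bits": 2048}))
    if tamper_cmd:
        cmd_text = tamper_cmd(cmd_text)   # a dishonest proxy rewriting the command
    try:
        rsp = sks.process(proxy_decode(cmd_text))
        if replay:
            sks.process(proxy_decode(cmd_text))   # proxy re-sending an old command
        rsp_text = proxy_encode(rsp)
        if tamper_rsp:
            rsp_text = tamper_rsp(rsp_text)   # a dishonest proxy rewriting the reply
        issuer.check_response(proxy_decode(rsp_text))
    except AbortError as e:
        return f"aborted: {e}"
    return "ok"


if __name__ == "__main__":
    print(run_session())
    print(run_session(tamper_cmd=lambda t: t.replace('"bits": 2048', '"bits": 1024')))
    print(run_session(tamper_rsp=lambda t: t.replace('"ok"', '"denied"')))
    print(run_session(replay=True))
```

The honest run returns "ok"; a proxy that weakens the key size is refused by the SKS, a proxy that rewrites the SKS's answer is refused by the issuer, and a replayed command is refused by the sequence check. Nothing the proxy does requires it to hold a key, which is what makes it semi-trusted rather than trusted.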

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel