Hello, On Sep 1, 2010, at 12:12 PM, Patrik Martinsson wrote: > 1. Support for integrated readers (like the one's in hp's laptops > (6930p/8440p etc.), i guess the hardware manufacturers are the only ones > that could change this. Only if they integrate standard CCID readers directly to the USB bus. Unfortunately they use integrated chips that do "secure digital" and "smart card". Some Linux tutorials in the wild, that talk about OpenSC, direct people to memory card reader listings (where, indeed, some chips support smart cards but AFAIK only on Windows) instead of libccid's extensive list...
> 2. Support by gdm/screensaver/or any application actually that uses > pkcs11, to handle locked cards. (I think if the card is locked you > should get the possibility to unlock it with your puk, I don't know why > this is not possible today ? ) Why should a screensaver handle locked cards? Unlocking PIN-s via PKCS#11 is somewhat tricky/impossible. I can understand, that for usability, if you have a single workstation and you get locked out of your computer, how else could you unlock your card. But from security perspective handling a locked token as a dysfunctional token is OK. Depending on the setup, maybe you need to talk to a security officer to get your card unlocked or do a more complicated (remote) unlock procedure. PKCS#11 only provides C_SetPIN which is meant to change the PIN code of the current user. > 3. Support for NM to handle pkcs11 tokens when authenticating to 802x > wireless networks. wpa_supplicant, which NetworkManager uses, should support PKCS#11, but apparently the functionality is not important enough to be exposed via the GUI. > I guess 2 and 3 are application-specific rather then opensc, however i > though i would share my two cents. OpenSC can use any smart card reader that has a functioning driver in either pcsc-lite (preferred), OpenCT (might exist for exotic devices on Linux) or CT-API (you'll probably not find them). To collect such wishlist items, I created a small wiki page [1] for things that would really be nice to have one day, but what are not realistic or are not actionable enough to create a ticket at this current moment. Feel free to update it. [1] http://www.opensc-project.org/opensc/wiki/WishList -- Martin Paljak @martinpaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
