Hello,
This patch simply break the use of westcos 2ko cards used for key transports facility not
for hight security level...
I don't understand why this can be let in place since like I said or I would like said I provide my own
custom build to the users of westcos cards 2ko so it's ok for me if official build don't use openssl if
I can still build with openssl and use software rsa...
Regards,
François.
A : francois.lebl...@cev-sa.com
De : Martin Paljak <mar...@paljak.pri.ee>
Date : 13/12/2010 13:41
cc: opensc-devel@lists.opensc-project.org
Objet : Re: [opensc-devel] westcos still fakes crypto hardware
Hello,
On Dec 8, 2010, at 9:35 AM, francois.lebl...@cev-sa.com wrote:
> For know I don't have patch for removing software operation on westcos,
Andre created one, can you see if it works (or document what it breaks) ?
> This is needed until westcos with cryptographics becomes available...
>
> But like I make my own build, I use openssl, you can build without openssl
During the past ~8 years in Estonia, the most common problem about the security of the ID card (apart from trojans, PIN stealing and other scam schemes) is somebody claiming that "it must be possible to clone an ID card and then steal your house".
People use smart cards because they expect it to protect their private keys, IMO this is the most important expectation that needs to be catered for.
Until the card comes out with cryptographic capabilities, you can provide your users with a custom-built version or a custom tarball.
Cheers,
--
@MartinPaljak.net
+3725156495
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
