Dear Andre,
On 17.01.2011 17:09, Andre Zepezauer wrote: > Hello Viktor, > > from Changeset 5094 [1]: > "[...] 'path' is [now] mandatory for the 'Local' PINs." > > I think of it as a temporary solution to fix a weakness of "IAS ECC" > cards as specified by The Gixel Group [2]. But keep in mind that the > behaviour up to revision 4927 was conforming with PKCS#15 and ISO > 7816-15. After your changes [3] that isn't the case any longer. Please, what of the following do not conforms the PKCS#15 or is IAS/ECC specific: 1. "A local PIN may only be used to protect data within a given application." 2. OpenSC pkcs#15 framework need the complete context of the PIN usage . 3. According to previous, path to the 'given application' has to be present in the sc_pkcs15_pin_info . 4. Verification of local PIN cannot be obstructed by selection of the 'given application'. > As stated in another thread [4] it will break Java Cards Please, don't speak about this thread. I've spent two days on asking the same question, without getting comprehensible answer. As an answer only some mysterious "very special semantics" and the links, that I was studying carefully and that revealed to be absolutely without connection with this topic. During two days you were absolutely incapable to explain by what mechanism the Java Card could be broken, and I suppose that you still are. Please, don't start it again. > and you should be prepared to move that hack into an emulator. 1. For me it's not a hack. It's a righteous demand of OpenSC pkcs#15 framework to have full description of the PIN usage context . 2. Please, show me where it's IAS/ECC specific, and when the movement will start for complete eradication of the card specific issues in the common parts, be sure I'll be not far . > Regards > Andre Best regards, Viktor. > [1] http://www.opensc-project.org/opensc/changeset/5094 > [2] > http://www.gixel.fr/includes/cms/_contenus/bibliotheque/file/CAP%20/IAS%20ECC%20v1_0_1UK.pdf > [3] > http://www.opensc-project.org/opensc/changeset?reponame=&new=5094%40trunk%2Fsrc%2Flibopensc%2Fpkcs15-pin.c&old=4927%40trunk%2Fsrc%2Flibopensc%2Fpkcs15-pin.c > [4] > http://www.opensc-project.org/pipermail/opensc-devel/2011-January/015697.html > > > -- Viktor Tarasov <viktor.tara...@opentrust.com> _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
