Le mardi 08 février 2011 à 15:30 +0100, Peter Stuge a écrit :
> Quality of key material is however very important, for all cards,
> since these are security products.
> If in fact a card is not so secure, then we will do the world a
> service by pointing that out. Peer review, you know how it works.
Sure, IMHO measuring the RSA generation duration and variability does
not give any reliable information. Are you doing peer review on that ...
whaoooo I am impressed.
With duration and variation, you can only "guess" the unknown and this
is not a scientific approach. You know the scientific approach: you
should know what you compare and be able to compare to a standard. But
there is no standard in timing key generation. And you don't know what
exactly you are measuring: speed or quality of key.
> As has already been pointed out several times by now there has so far
> not been really conclusive information about Feitian, only very
> limited testing has been done.
Not true. I cannot let you say that.
We doing daily testing and the card works better than many others.
Furthermore, this is the #1 sales of OpenSC compatible cards.
This is enough for me loosing time in this discussion. First I read
"Looks like bad news for me". Then "Only limited testing has been
done".
I am out for the day. Bye.
--
Jean-Michel Pouré - Gooze - http://www.gooze.eu
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
