Hello, On Mon, Apr 25, 2011 at 12:01, Viktor TARASOV <viktor.tara...@opentrust.com> wrote: > Personally, I'm ready to remove at all 'insecure' option -- never used it. > All the stuff can be defined in the card profile. But let us wait for the > other opinions. I've used it and I find it a generally useful option, for cases where the card could get reset yet where the access to the key can be controlled with physical means (like a server with a token, where you'll just revoke the necessary certificates when the machine should be stolen and controlled access to the key is not as necessary). The problem is that it is not equally supported by card drivers and always not well supported by applications (which insist on using C_Login before any operations, disregarding CKF_LOGIN_REQUIRED)
> I don't know quite well the world of 'controlled/trusted environment', my > interest is rather > to administrate the card through the 'uncontrolled/untrusted' environment. That's a good philosophical difference. IMO the default "security officer" profile of OpenSC is not OK for home users either and the default could be onepin profile. More advanced (but still small setups) could set up different PIN profiles for card management (like the scheme described by Diego) and even bigger setups default to the most complicated scheme that will require further key management to maintain (your interest). This should be documented more nicely so that people who don't know the field or who know what they'd want to implement would know what to do and expect from OpenSC. Cheers, Martin _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
