On 26/04/2011 08:41, Martin Paljak wrote:

>> Personally, I'm ready to remove the 'insecure' option altogether -- never used it.
>> All the stuff can be defined in the card profile. But let us wait for the
>> other opinions.
> I've used it and I find it a generally useful option, for cases where
> the card could get reset yet where the access to the key can be
> controlled with physical means (like a server with a token, where
> you'll just revoke the necessary certificates when the machine should
> be stolen and controlled access to the key is not as necessary). The
That's another interesting use, but on a server you'll usually need
faster tokens (unless it's really low-traffic).
One of the projects on my TODO list (quite a long list :( ) is to
implement a suitable interface (CCID+virtual token? Could be better to
opt for something that doesn't require APDUs...) on an embedded system
w/ USB device interface...

> problem is that it is not equally supported by card drivers and always
> not well supported by applications (which insist on using C_Login
> before any operations, disregarding CKF_LOGIN_REQUIRED)
That's an app bug and to be reported as such. Trying to "fix" it at the
wrong level doesn't do any good. But, for example, ssh doesn't require
it unless the key is protected (but then it leaves the card in unusable
state).
But generating a protected key when --insecure is specified is a bug in
opensc (or in the card driver). IMHO.
Since you used --insecure, can you confirm that its misbehaviour is only
for MyEID cards?

>> I don't know quite well the world of 'controlled/trusted environment',
>> my interest is rather to administrate the card through the
>> 'uncontrolled/untrusted' environment.
> That's a good philosophical difference. IMO the default "security
> officer" profile of OpenSC is not OK for home users either and the
> default could be onepin profile.
Well, I think that at least two PINs are always a good idea: one for
*use* and one for *administration*, so the user is forced to know he's
doing something dangerous. If he doesn't like to remember 'em, then he
could simply use the same code for both. But having only one is, IMVHO,
a really bad idea, just like using 'root' for browsing the web.

BYtE,
 Diego.
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
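
The login decision discussed in the message above (honouring CKF_LOGIN_REQUIRED instead of calling C_Login unconditionally), as an added example that is not part of the original message and is not OpenSC or ssh code. The flag values are those of the PKCS#11 specification; `decide_login`, `enum login_action` and the sample tokens are hypothetical names and constructed data for this sketch.

```c
#include <stdio.h>

/* CK_TOKEN_INFO.flags bits, values as in the PKCS#11 specification.
 * Real code takes them from pkcs11.h; repeated here so the file builds alone. */
typedef unsigned long CK_FLAGS;
#define CKF_LOGIN_REQUIRED                0x00000004UL
#define CKF_USER_PIN_INITIALIZED          0x00000008UL
#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100UL

/* Hypothetical result type for this example. */
enum login_action { LOGIN_SKIP, LOGIN_ASK_PIN, LOGIN_USE_PINPAD, LOGIN_IMPOSSIBLE };

/* flags:            CK_TOKEN_INFO.flags as returned by C_GetTokenInfo.
 * key_found_public: nonzero if C_FindObjects in a session that is NOT logged in
 *                   already returned the wanted key (it is not CKA_PRIVATE). */
enum login_action decide_login(CK_FLAGS flags, int key_found_public)
{
    /* Token says no function needs a login: C_Login must not be forced. */
    if (!(flags & CKF_LOGIN_REQUIRED))
        return LOGIN_SKIP;
    /* Login exists on the token, but this key is usable without it. */
    if (key_found_public)
        return LOGIN_SKIP;
    /* The key is hidden behind a login; check that a login can succeed. */
    if (!(flags & CKF_USER_PIN_INITIALIZED))
        return LOGIN_IMPOSSIBLE;
    /* PIN pad reader: C_Login is called with a NULL PIN, the app never sees it. */
    if (flags & CKF_PROTECTED_AUTHENTICATION_PATH)
        return LOGIN_USE_PINPAD;
    return LOGIN_ASK_PIN;
}

int main(void)
{
    static const char *names[] = { "skip C_Login", "ask PIN, C_Login",
                                   "C_Login via PIN pad", "login impossible" };
    /* Constructed sample tokens, not taken from any real card. */
    struct { const char *label; CK_FLAGS flags; int key_public; } t[] = {
        { "no-login token",         CKF_USER_PIN_INITIALIZED,                      1 },
        { "protected key",          CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED, 0 },
        { "unprotected key",        CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED, 1 },
        { "PIN pad reader",         CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED
                                    | CKF_PROTECTED_AUTHENTICATION_PATH,           0 },
        { "user PIN never set",     CKF_LOGIN_REQUIRED,                            0 },
    };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++)
        printf("%-20s -> %s\n", t[i].label, names[decide_login(t[i].flags, t[i].key_public)]);
    return 0;
}
```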
