Le samedi 07 mai 2011 à 23:43 +0300, Alon Bar-Lev a écrit : > The authentication cookie solves above, PINPAD, BIO efficiently, > however it requires card to support it. You get a cookie out of > PIN/PINPAD operation/BIO match. The cookie is valid as long as card is > powered on and policy permits. Policy may state that once PIN is > changed all cookies are invalidated or not. You may use the cookie > instead of PIN in all object access operations, so you can use > stateless transactions, while never lock the card by mistake, minimize > the user interaction required during PINPAD/BIO operations.
Dear Alon, Could you comment the alternative, where OpenSC would behave as a client-server application pooling access requests from applications and locking the card in exclusive mode, i.e. work as a proxy. Kind regards, -- Jean-Michel Pouré - Gooze - http://www.gooze.eu _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel