2011/5/9 Jean-Michel Pouré - GOOZE <jmpo...@gooze.eu>: > Dear Alon, > > Could you comment the alternative, where OpenSC would behave as a > client-server application pooling access requests from applications and > locking the card in exclusive mode, i.e. work as a proxy. > > Kind regards,
Hi, This had been raised long ago. Create a proxy PKCS#11 that uses another PKCS#11. The proxy does not keep long living session within the proxied PKCS#11 module. This will solve OpenSC issue, however, as it needs to cache the PIN in order to keep opening new session, it will probably lock the card if PIN is changed (same issue as stateless). It will also work extremely slow, as each time it will open session all objects should be enumerated again. And... I don't like proxies... If we going to cache PINs, we need to do so in the OpenSC provider, and solve this at least partially, this way we can also reset all instances if PIN is changed by any OpenSC tool. Alon. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
