F.Y.I. http://www.globalplatform.org/specifications/review/GPC_2.2_B_RAM_Over_HTTP_1.1.0.3_PR.pdf
It is a horrible idea using TLS-PSK when you can do the same thing PKI. If you rather use a TLS-server-only authenticated protocol, and and a dynamically created session-key you can also support - Content aggregation - User interaction - High-level key-management proxy while still maintaining true E2ES-operation It is (about) time making smart cards that actually match their epithet :-) Anders http://webpki.org/papers/keygen2/sks-keygen2-exec-level-presentation.pdf _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
