On Thu, Jan 19, 2012 at 1:10 AM, Anders Rundgren <anders.rundg...@telia.com>wrote:
> > This is since long solved problem. It is an intrinsic part of > GlobalPlatform > where you don't really use CSR's and PoP's but a session-key to secure > that you > are really talking to the card. > > On http://webpki.org/auth-token-4-the-cloud.html > you can find a lot of material on a system that takes this concept to > a new level by making the entire provisioning session a transaction. > > I hope to present it on FOSDEM but I haven't heard from Martin yet... > Cool. Intel has a similar process for their (non-GP I think) devices. Even generically, could SM be used for this? (Or is that in fact what you are referring to?) It means the CA, not the user, is interacting with the card, which might even be a good thing. Someone emailed me privately mentioning SM but I told him he was incorrect since the CA wasn't part of the SM session. Maybe that's what he meant.
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel