2012/9/22 Anders Rundgren <anders.rundg...@telia.com>

> On 2012-09-22 08:58, Andreas Jellinghaus wrote:
> >
> > On 20.09.2012 21:06, "Anders Rundgren" <anders.rundg...@telia.com> wrote:
> >>
> >>
> http://nelenkov.blogspot.se/2012/08/accessing-embedded-secure-element-in.html
> >>
> >> Very interesting IMHO.
> >
> > Agree, thanks for sharing.
> >>
> >> According to the author SD-slots are becoming exceptions also for
> >> Android so this is probably what most people will be dealing with.
> >
> > I think he is also over optimistic with multi applications on a Java
> > card SE, but we will see.
> Indeed.  I even wonder if the SE needs to host "applications" at all.
> IMO, it would be enough if the SE hosts keys and associated attributes
> while the applications either rather run at OS-level as trusted processes
> like PIN input etc. or as standard applications.  As far as I understand
> the Wallet is just an Android "App" that is trusted by the SE.
>

Well, even if the battery of the mobile phone is empty, the secure element
can still be powered by any reader and thus still work. Implementations can
or cannot make use of this - if the implementation prefers the user to take
the phone out of his bag, unlock it, open some app and make the "I approve"
gesture, then disabling it is a good idea to prevent unauthorized usage.

> In my mind keys could optionally contain application-oriented ACL telling
> which applications they trust so that even if you install a "bad" App, it
> would for example not be able to use your bank or eID-key in the background.
>

I must admit I don't know how many apps are managed and separated. Given
the restricted resources a smart card has, I assume there is a master key
that creates containers of specific sizes/dimensions/... and the app is
loaded into such a container, limiting it and reserving the unallocated
space for further applications/containers?

Is there a standard on doing this, or is it all JCOP magic under NDA?

I only remember seeing code that would change master keys and put one app
into a card, thus never bothered how it works in detail or how to manage
resources, secure apps against each other etc. Also I wonder: does the
vendor claim to have the security tight enough to prevent a hostile app
from accessing data of another app? Or is it the usual "all is secure", but
we don't tell how it works, how to use it, and make no real guarantees anyway?


> Here is a write-up of a possible ACL-scheme that is intended for the Web
> and "App":
> http://webpki.org/papers/PKI/pki-webcrypto.pdf


Hmm, that link is configured as download :( a normal link would be easier
so Chrome users can browse it without a download to the filesystem (and
another file kept around in the Download/ folder forever).

I haven't looked into this in much detail.

My new impression is I would only need to use a smart card key&cert with
one site only - my SSO provider. Thus a plugin for that communication only
would work well with me.

I use two browsers, thus could have a different plugin each time linked to a
different identity. Not sure if I wanted to share a card for that purpose;
that again simplifies my requirements I would have for a smart card a lot.

Like many people I noticed that people have their mobile phone with them
all the time, and notice if they lost it right away. Thus using a mobile
phone for authenticating any other device seems to be the right thing to do
and works well for many people in practice. Thus using the SE in such a
phone can become interesting. Not sure what to do about phone theft though
- I really fear putting all the access credentials into one basket (my
phone), plus a lot of personal information, so any thief would be able to
impersonate me and access my mail, documents, banks, and much more.

In summary: my old expectations of how to secure communication and use
smart cards in it have gone many months ago; now I see the "world" very
differently. My adventures into the smart card business also make me wonder
if trusting such an industry is a good thing.

Andreas


>
>
> Anders
>
> >
> > The NFC chip should be similar to what can be used with libnfc, so
> > porting all the mifare copy clone and fake tools would be awesome...
> >
> > Andreas
> >>
> >> Anders
> >>
> >> _______________________________________________
> >> opensc-devel mailing list
> >> opensc-devel@lists.opensc-project.org <mailto:
> opensc-devel@lists.opensc-project.org>
> >> http://www.opensc-project.org/mailman/listinfo/opensc-devel
> >
>
>