Does the API matter anyway ? No, it's the functionality the TEE provides: Generate, store, maintain and use cryptographic material and do all kinds of risk management. And these functions do not really require web service and overloaded APIs. They require APIs that are consistent, simple to implement and simple to be security evaluated. An ISO 7816-4 API is not an elegant API, but is has been around for a long time, people understand it and it does what it is supposed to do.
I would love to see a CC certified TEE that has an embedded JavaCard VM with lots of memory and sufficient processing power. Andreas Am 15.11.2012 00:13, schrieb Peter Stuge: > Anders Rundgren wrote: >> http://www.theregister.co.uk/2012/11/13/trustzone_company >> >> Smart cards? Don't think so. > TrustZone isn't half bad hardware. > > But I bet that the solution they come up with will still use exactly > the same old APDUs, with just a minimum bolted-on, in order to make > something that just barely works. > > > //Peter > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel -- --------- CardContact Software & System Consulting |.##> <##.| Andreas Schwier |# #| Schülerweg 38 |# #| 32429 Minden, Germany |'##> <##'| Phone +49 571 56149 --------- http://www.cardcontact.de http://www.tscons.de http://www.openscdp.org _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
