Does the API matter anyway ?

No, it's the functionality the TEE provides: Generate, store, maintain
and use cryptographic material and do all kinds of risk management. And
these functions do not really require web service and overloaded APIs.
They require APIs that are consistent, simple to implement and simple to
be security evaluated. An ISO 7816-4 API is not an elegant API, but is
has been around for a long time, people understand it and it does what
it is supposed to do.

I would love to see a CC certified TEE that has an embedded JavaCard VM
with lots of memory and sufficient processing power.

Andreas

Am 15.11.2012 00:13, schrieb Peter Stuge:
> Anders Rundgren wrote:
>> http://www.theregister.co.uk/2012/11/13/trustzone_company
>>
>> Smart cards?  Don't think so.
> TrustZone isn't half bad hardware.
>
> But I bet that the solution they come up with will still use exactly
> the same old APDUs, with just a minimum bolted-on, in order to make
> something that just barely works.
>
>
> //Peter
> _______________________________________________
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel


-- 

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Schülerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to