On Wed, 6 Jun 2001, Ludovic Rousseau wrote:
> On Mon, Jun 04, 2001 at 12:57:20PM -0700, David Corcoran wrote:
> > Hello,
> >
> > You can't use pcsc-lite-0.9.1 for remote use of the resource manager. I
> > wanted to create the core package as local only. I'm working on an RPC
> > like service that sits atop the local service which will export the PC/SC
> > interface ..... To the apps it will be identical to the older versions
> > that used RPC.
>
> I don't think using RPC is a good idea.
> You use a smartcard to provide security in a unsecure environment.
> I don't want to send my PIN code in clear over RPC. You need to have
> authentication, integrity and confidentiality of your networks
> communications.
> You could use 'secure RPC' but it will be hard to find implementations
> of it outside SUN.
Or maybe provide some kind of key exchange, and send the PIN code (and all
the card commands) hidden in an opaque data blob, simply encrypted.
That's surely difficult to design and implement correctly, but I agree
with Ludovic, it's not a good idea to transmit everything in clear.
> If you send your PIN code in clear over the network why not just use
> telnet ? :-(
>
> I want a secure channel between my smartcard and the program sending
> commands to it.
>
>
--
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-----
Two most common elements in the universe: Hydrogen and Stupidity.
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************
