Package: mozilla-opensc
Version: 0.11.1-2
Severity: normal
The Finnish national identity cards (FINEID) contain two secret keys:
one of them is for common authentication and the other is for
nonrepudiable signatures backed by law. These keys have different PINs;
PIN1 is for common auth and PIN2 is for signatures.
It is obvious that PIN2 should only ever be requested when a signature
is needed. Therefore, asking for PIN2 when logging in to a website is
harmful. This is, however, what happens when using mozilla-opensc.
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/dash
Kernel: Linux 2.6.18-4-amd64
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Versions of packages mozilla-opensc depends on:
ii libc6 2.3.6.ds1-11 GNU C Library: Shared libraries
ii libopensc2 0.11.1-2 SmartCard library with support for
ii libssl0.9.8 0.9.8c-4 SSL shared libraries
ii zlib1g 1:1.2.3-13 compression library - runtime
mozilla-opensc recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
