[opensc-devel] Why embedded SEs are more secure than smart cards
http://www.globalplatform.org/specifications/review/GPD_SE_Access_Control_v0_10_0.pdf By adding ACL information to keys during enrollment you can limit key misuse by bad apps. Although GP specifies a generic scheme not limited to SEs, the lack of developments by the vendors of connected SEs (Smart Cards), does in practice limit such features to embedded SEs like the one supplied for the Google Wallet. In SKS/KeyGen2 I have taken this concept one step further by allowing an issuer to specify that a PIN is only allowed through a GUI running in a TEE (Trusted Execution Environment). That is, if somebody spoofs a PIN dialog it won't give them SE access in the background. If the OS is broken nothing of this helps but that doesn't seem to be the case with mobile trojans. They are mainly just bad apps. Anders ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] patch quality standards?
Le 24 mars 2012 00:43, Magosányi, Árpád m4g...@gmail.com a écrit : Looking at https://www.opensc-project.org/codereview/#/c/150/ , which is a patch which is overwritten by a later patch in gerrit, I started to wonder again about quality standards. And this: http://lwn.net/Articles/328438/ And there should be others. This is what I have gathered so far: - whitespace problems marked red in gerrit are bad - unchecked null pointers are bad - with a warning cleanup patch state the warnings which had been cleaned up - comment. the comment and the code should be in sync - provide a (description of purpose? man page?) with a command-line program and there is that fighter airplane book, but maybe it is too long and I am a big fan of unit tests if someone else have to do them ;) the same about programming contracts ;) I'm in no position to draw the rules, so I am not creating a wiki page out of this, but I suggest that someone do. It would help the work of code reviewers. Most of your remarks were already in https://www.opensc-project.org/opensc/wiki/DevelopmentPolicy#Movingmasterforward I added what was missing. Thanks -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] patch quality standards?
On 03/24/2012 09:45 AM, Ludovic Rousseau wrote: Most of your remarks were already in https://www.opensc-project.org/opensc/wiki/DevelopmentPolicy#Movingmasterforward I added what was missing. Thanks Thank you, I added the link to the CodeReview page. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] removing libltdl?
Le 24 mars 2012 12:05, Magosányi, Árpád m4g...@gmail.com a écrit : I guess you might want to discuss the pros and cons of removing libltdl dependency. There is a heap of changesets about it in gerrit. I do not remember why libltdl was needed in the first place. Alon, do you know/remember why libltdl was added? Is it related to OpenSC on Mac OS X 10.5 for PowerPC? I found a reference in [1]. Bye, [1] https://www.opensc-project.org/opensc/changeset/53c3c486af54a60e4ea09bdd7ce936a3b538f420/OpenSC -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] removing libltdl?
Hello, On Sat, Mar 24, 2012 at 13:19, Ludovic Rousseau ludovic.rouss...@gmail.com wrote: Le 24 mars 2012 12:05, Magosányi, Árpád m4g...@gmail.com a écrit : I guess you might want to discuss the pros and cons of removing libltdl dependency. There is a heap of changesets about it in gerrit. I do not remember why libltdl was needed in the first place. Alon, do you know/remember why libltdl was added? It was added way-way ago in 2005, as there was one library (identically called scdl) which tried to be like libltdl (meaning wrapping dl and LoadLibrary). ltdl was supposed to give better portability (?) See 7d2ebb11c4a969583cadca8adb6e8153228a4866 Is it related to OpenSC on Mac OS X 10.5 for PowerPC? I found a reference in [1]. No. That is just a workaround for 10.5 Removing this is a good thing. Martin ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] wiki
Hello, On Sat, Mar 24, 2012 at 00:25, Magosányi, Árpád m4g...@gmail.com wrote: It have very few information and looks horrible. This is how far I could push it. Please help out with it. Will try. Pointing out actual things to take notice of would also be good to have. I think that it would be a good idea to put the GetInvolved page to the header between Roadmap and Browse Source, Good idea! Adding entries to menu bar in Trac requires a plugin and is not doable through the web. I added it as the first entry in the menu and also moved tags more to the front. Martin ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] removing libltdl?
On Sat, Mar 24, 2012 at 1:19 PM, Ludovic Rousseau ludovic.rouss...@gmail.com wrote: Le 24 mars 2012 12:05, Magosányi, Árpád m4g...@gmail.com a écrit : I guess you might want to discuss the pros and cons of removing libltdl dependency. There is a heap of changesets about it in gerrit. I do not remember why libltdl was needed in the first place. Alon, do you know/remember why libltdl was added? Is it related to OpenSC on Mac OS X 10.5 for PowerPC? I found a reference in [1]. Bye, [1] https://www.opensc-project.org/opensc/changeset/53c3c486af54a60e4ea09bdd7ce936a3b538f420/OpenSC Because at that time it was simpler to port to Windows using libtool. As I wrote in the origin post, currently there are almost none libtool usage. In Gentoo tree OpenSC was the last. I don't know any reason why it should be used. I should have removed it long ago. I already fixed the libp11 in similar manner, there I still can commit. Alon. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] removing libltdl?
Could someone tell me what happened with this change in gerrit? I see the messages but do not understand. On 03/24/2012 07:01 PM, Alon Bar-Lev wrote: On Sat, Mar 24, 2012 at 1:19 PM, Ludovic Rousseau ludovic.rouss...@gmail.com wrote: Le 24 mars 2012 12:05, Magosányi, Árpád m4g...@gmail.com a écrit : I guess you might want to discuss the pros and cons of removing libltdl dependency. There is a heap of changesets about it in gerrit. I do not remember why libltdl was needed in the first place. Alon, do you know/remember why libltdl was added? Is it related to OpenSC on Mac OS X 10.5 for PowerPC? I found a reference in [1]. Bye, [1] https://www.opensc-project.org/opensc/changeset/53c3c486af54a60e4ea09bdd7ce936a3b538f420/OpenSC Because at that time it was simpler to port to Windows using libtool. As I wrote in the origin post, currently there are almost none libtool usage. In Gentoo tree OpenSC was the last. I don't know any reason why it should be used. I should have removed it long ago. I already fixed the libp11 in similar manner, there I still can commit. Alon. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel