Re: [opensc-devel] New project coordinator: Martin Paljak
On Mon, Apr 12, 2010 at 1:59 PM, Martin Paljak mar...@paljak.pri.ee wrote: My main goals and improvement areas in OpenSC are: snip 1. Make OpenSC secured? The fact that OpenSC locks the reader for its own use for the duration of the session is the most critical issue OpenSC has. As a result two applications that uses PKCS#11 at the same time either cannot work at the same time, or can access the card without authentication. A stateless mode should be implemented... [1], it has nothing to do with the card features, but credential caching. As for PINPAD readers, there are some cards that has a feature of authentication cookie that is given after initial authentication, this cookie is valid as long as there is power to the card. So the algorithm is as follows: Lock reader, authenticate using PINPAD, acquire cookie, unlock reader. After that a normal sequence of stateless operation can be executed while the cookie is the authentication credential. Because of the lack of this feature I could not offer OpenSC to any enterprise. 2. Support biometrics match-on-card? This feature is missing from open source and Linux drivers. If you go toward java cards, an applet can be implemented in order to do so, maybe using libfprint [2]. Alon. [1] http://www.opensc-project.org/opensc/ticket/186 [2] http://reactivated.net/fprint/wiki/Libfprint ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] New project coordinator: Martin Paljak
Hello as well, On Apr 11, 2010, at 09:48 , Andreas Jellinghaus wrote: for several years I have coordinated the OpenSC, OpenCT, Libp11, Pam_p11 and Engine_PKCS11 projects: Created new releases, fixed some bugs, helped many users with questions, applied patches from developers all around the world, written some documentation, tested our software and the packaging by distributions, kept our server alive and up-to-date and done whatever else was necessary to keep the projects going. Still most work was done by everyone else, I only had to fill some gaps and start some processes to keep the projects going. I'd like to thank Andreas for the great work during the past few years and for keeping the projects alive and moving forward! I heard about the intentions of some people to go to LinuxTag in Berlin for a get-together, if that will take place then Andreas receives a few beers/pizzas/whatever on me :) Recently however I started a new job and at least right now I have little time available for these open source projects. Thus I'm very happy to announce Martin Paljak has agreed to take over as project coordinator for these projects. Martin is a long time contributer and very active developer to OpenSC. He has already taken care of several parts of OpenSC in the past and improved and maintained them, such as the PC/SC reader driver with a focus on the PIN-pad input system, or driver for estonian national ID cards. Also he has been co-administrator of our server for several years and very active on the mailing list, helping users and developers, and recently started to reorganize and greatly improve our wiki pages. Looking back in time, I've been involved (at least using ;)) with the open source smart card related software since 2004 or so, with ups and downs in activity, as life usually goes. I can be accused in making it possible to use the Estonian eID card on alternative platforms, first Linux, then Mac, and it has all been possible because of the great work done by everybody who has contributed to OpenSC and friends! This has led to Estonia using OpenSC in the official eID software, which, I believe, led to the decision to create all of the software under LGPL or comparable (check https://id.eesti.ee/trac for the rest of it) I believe that working whit this has given me a holistic view of the smart card world that spans most common platforms (Windows, Linux, Mac OSX) and crosses the border between open source and proprietary solutions. As it is known, OpenSC has been used by others as well in their products or eID rollouts, either with source or without it. Which is IMHO a great sign of good work. My main goals and improvement areas in OpenSC are: - Raise the visibility of the OpenSC brand (and its sub-projects like all the PKCS#11 tools) among dumb end-users (who don't know that they have received OpenSC software in a software bundle), knowing end-users (who knowingly look for OpenSC and want to personalize their tokens) and among developers and integrators. To make this happen, some re-organization in the website and project(s) structure are needed. - Provide a competitive true open source solution for end-users, comparable to what is available from either card vendors or eID rollouts. This includes having smooth installers for non-Linux platforms and a user-friendly approach. - Try to keep the project(s) active and attractive to new contributors and users, no matter what their background or interest. The size and vitality of the community decides the success of an open source project, IMO. - Keep the projects up to date with current standards, trends, platform developments etc. One of these targets is to have great documentation on how to use modern JavaCards with OpenSC (or more broadly, with open source software) I also disclose that my daily work has been related to open source consulting for quite some time, which also covers OpenSC (and proprietary additions to it) but I have no relationships with any vendor (either software or hardware). If you have any comments or suggestions, please let me know. If you think that my focus on end-user and eID can lead somewhere we should not go or I'm somehow otherwise biased, please voice your opinions as well. Thanks, -- Martin Paljak http://martin.paljak.pri.ee +3725156495 ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] New project coordinator: Martin Paljak
Am Montag 12 April 2010 12:59:08 schrieb Martin Paljak: I'd like to thank Andreas for the great work during the past few years and for keeping the projects alive and moving forward! I heard about the intentions of some people to go to LinuxTag in Berlin for a get-together, if that will take place then Andreas receives a few beers/pizzas/whatever on me :) thanks for the offer, but I guess I can't make it to linuxtag in berlin this years, as I already have other plans for that weekend. but I'd be very interested in meeting up with people, and it would be best if it could be planed quite early, so we can even submit some talks, man a booth, prepare some demonstrations or organize a meeting with other projects to discuss smart card - application integration. my suggestion would be fosdem. I haven't been there so far, but from the news I read it seems to be the most active meeting for developers of all kinds of projects. it is away far enough so we have enough time for planing and preperations. the only downside is: it is quite far away: february next year. If you have any comments or suggestions, please let me know. If you think that my focus on end-user and eID can lead somewhere we should not go or I'm somehow otherwise biased, please voice your opinions as well. I still hope to find sime time for opensc too, some of the things I would like to work one (if I find time) are: * documentation. something small to ship with tar.gz files and install with distributions deb/rpm files. maybe in docbook/html/pdf/man whatever? * working example code: people often ask for examples of ssl sessions with smart card authentication. so we should provide that is possible, maybe for all major ssl kits (openssl, gnutls, nss). * developer documentation. I'm thinking about gathering commands to reflect the common operations, create log files with APDUs, decode them and thus build some document that shows what opensc does in detail, and what code needs to be written for new drivers to reproduce that. * maybe also write / help with acos5 driver. but I have quite little time right now, so no idea when I get to those. Also of course I will try to help as good as I can with administrative tasks and whatever else is necessary, if you need any help. Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] New project coordinator: Martin Paljak
Dear all, for several years I have coordinated the OpenSC, OpenCT, Libp11, Pam_p11 and Engine_PKCS11 projects: Created new releases, fixed some bugs, helped many users with questions, applied patches from developers all around the world, written some documentation, tested our software and the packaging by distributions, kept our server alive and up-to-date and done whatever else was necessary to keep the projects going. Still most work was done by everyone else, I only had to fill some gaps and start some processes to keep the projects going. Recently however I started a new job and at least right now I have little time available for these open source projects. Thus I'm very happy to announce Martin Paljak has agreed to take over as project coordinator for these projects. Martin is a long time contributer and very active developer to OpenSC. He has already taken care of several parts of OpenSC in the past and improved and maintained them, such as the PC/SC reader driver with a focus on the PIN-pad input system, or driver for estonian national ID cards. Also he has been co-administrator of our server for several years and very active on the mailing list, helping users and developers, and recently started to reorganize and greatly improve our wiki pages. I'd like to thank everyone for the support and encouragement I got as project coordinator and would like you to give the same to Martin Paljak as new project coordinator too. Of course I will continue to work on OpenSC and related projects to improve them and help users and all that, but I'm happy to pass the role of project coordinator to Martin, so the projects won't be held back by my recent time constrains. With kind regards Andreas Jellinghaus ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] New project coordinator: Martin Paljak
Thank you for your efforts in the past years! Good luck Martin! On Sun, Apr 11, 2010 at 9:48 AM, Andreas Jellinghaus a...@dungeon.inka.de wrote: Dear all, for several years I have coordinated the OpenSC, OpenCT, Libp11, Pam_p11 and Engine_PKCS11 projects: Created new releases, fixed some bugs, helped many users with questions, applied patches from developers all around the world, written some documentation, tested our software and the packaging by distributions, kept our server alive and up-to-date and done whatever else was necessary to keep the projects going. Still most work was done by everyone else, I only had to fill some gaps and start some processes to keep the projects going. Recently however I started a new job and at least right now I have little time available for these open source projects. Thus I'm very happy to announce Martin Paljak has agreed to take over as project coordinator for these projects. Martin is a long time contributer and very active developer to OpenSC. He has already taken care of several parts of OpenSC in the past and improved and maintained them, such as the PC/SC reader driver with a focus on the PIN-pad input system, or driver for estonian national ID cards. Also he has been co-administrator of our server for several years and very active on the mailing list, helping users and developers, and recently started to reorganize and greatly improve our wiki pages. I'd like to thank everyone for the support and encouragement I got as project coordinator and would like you to give the same to Martin Paljak as new project coordinator too. Of course I will continue to work on OpenSC and related projects to improve them and help users and all that, but I'm happy to pass the role of project coordinator to Martin, so the projects won't be held back by my recent time constrains. With kind regards Andreas Jellinghaus ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] New project coordinator: Martin Paljak
Hello Andreas, Thank you for your work! Good luck Martin! Andreas Jellinghaus wrote: Dear all, for several years I have coordinated the OpenSC, OpenCT, Libp11, Pam_p11 and Engine_PKCS11 projects: Created new releases, fixed some bugs, helped many users with questions, applied patches from developers all around the world, written some documentation, tested our software and the packaging by distributions, kept our server alive and up-to-date and done whatever else was necessary to keep the projects going. Still most work was done by everyone else, I only had to fill some gaps and start some processes to keep the projects going. Recently however I started a new job and at least right now I have little time available for these open source projects. Thus I'm very happy to announce Martin Paljak has agreed to take over as project coordinator for these projects. Martin is a long time contributer and very active developer to OpenSC. He has already taken care of several parts of OpenSC in the past and improved and maintained them, such as the PC/SC reader driver with a focus on the PIN-pad input system, or driver for estonian national ID cards. Also he has been co-administrator of our server for several years and very active on the mailing list, helping users and developers, and recently started to reorganize and greatly improve our wiki pages. I'd like to thank everyone for the support and encouragement I got as project coordinator and would like you to give the same to Martin Paljak as new project coordinator too. Of course I will continue to work on OpenSC and related projects to improve them and help users and all that, but I'm happy to pass the role of project coordinator to Martin, so the projects won't be held back by my recent time constrains. With kind regards Andreas Jellinghaus ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
