Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread Anders Rundgren
I'm not a paranoid security freak, I just don't feel that a gazillion non-standard java applets all requiring a secure install is exactly thrilling. The Swedish BankID have recently scrapped their Java applet for custom native code. I believe all bets are off regarding the long-term outlook, And

Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread Martin Paljak
On Apr 29, 2010, at 11:03 , Viktor TARASOV wrote: > Martin Paljak wrote: >> On Apr 29, 2010, at 08:43 , gilles Bernabé wrote: >> >>> Oh interesting, but Java is much more heavy, if I remember correctly the >>> Java plugin(JRE + JDK) is more than 40mb, the XPCOM plugin just takes some >>> kb onc

Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread Martin Paljak
On Apr 29, 2010, at 18:32 , Anders Rundgren wrote: > Peter Stuge wrote: >> Anders Rundgren wrote: >>> What I *do* consider a problem is exposing PC/SC to browser code. >> >> What API would be OK? Is PKCS#11 much better? > > There should (IMO) not be any crypto API exposure in untrusted browser co

[opensc-devel] How to buy Feitian PKI card in US?

2010-04-29 Thread Jim Rees
Does anyone know a way to buy a Feitian PKI card in the US? Gooze won't ship here. Are there any other cards or usb tokens available in the US that work with OpenSC other than the Aladdin etoken? I prefer a non-java card but will take whatever I can get at this point. ___

Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread Anders Rundgren
Peter Stuge wrote: > Anders Rundgren wrote: >> What I *do* consider a problem is exposing PC/SC to browser code. > > What API would be OK? Is PKCS#11 much better? There should (IMO) not be any crypto API exposure in untrusted browser code. Mozillas's shows that you don't have to. Microsoft's C

Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread Peter Stuge
Anders Rundgren wrote: > What I *do* consider a problem is exposing PC/SC to browser code. What API would be OK? Is PKCS#11 much better? //Peter ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/l

Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread Anders Rundgren
gilles Bernabé wrote: > > > 2010/4/29 Anders Rundgren > > > I doubt that SCP01 (is that what you refer to or what?) is useful > in browsers but I leave that for you guys to find out :-) > > Gemalto has/is also pushing this concept though: > >

Re: [opensc-devel] Cardmod MiniDriver Problem

2010-04-29 Thread Jozsef Dojcsak
Actually, I have already tested a simpler modification, I replaced the line reader->active_protocol = pcsc_proto_to_opensc(SCARD_PROTOCOL_T0); with reader->active_protocol = pcsc_proto_to_opensc(SCARD_PROTOCOL_T1); but it produced the same problem, though I could only test it under XP, so I wil

Re: [opensc-devel] Cardmod MiniDriver Problem

2010-04-29 Thread francois . leblanc
Can you try this patch to see if the trouble is coming from T1 support, Regards François. François Leblanc Service Recherche et Innovation francois.lebl...@cev-sa.com Tél. : 02.33.77.65.00 Fax : 02.33.77.65.01 www.cev-sa.com Avant d'imprimer, pensez à l'environnement De : Jozsef Dojcsa

Re: [opensc-devel] Cardmod MiniDriver Problem

2010-04-29 Thread Jozsef Dojcsak
Hello François, thank you for the hint, it is then likely that the unsupported T=1 mode causes our problem. The partial success means: the cardmod DLL is loaded correctly by "certutil -SCInfo", but after the OpenSC context creation (right after the "[cardmod] reader-pcsc.c:1815:cardmod_detect_read

Re: [opensc-devel] OpenSC priority page on wiki

2010-04-29 Thread Jean-Michel Pouré - GOOZE
> libccid is not a sub project of OpenSC. > I expect to port libccid to libusb 1.0 before the end of the year > (with year = 2010) Okay but at least libccid is an important foundation. > > * Adding a mechanism to integrate OpenCT and libccid without > conflict. > > This would allow to use authen

Re: [opensc-devel] OpenSC priority page on wiki

2010-04-29 Thread Ludovic Rousseau
Le 29 avril 2010 12:06, Jean-Michel Pouré - GOOZE a écrit : > Dear friends, > > I read a lot of information on the mailing list about current projects. > Some projects like PostgreSQL have a to-do list page, where all ideas > are collected by authorized persons. > > Example: > http://wiki.postgres

Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread gilles Bernabé
2010/4/29 Anders Rundgren > I doubt that SCP01 (is that what you refer to or what?) is useful > in browsers but I leave that for you guys to find out :-) > > Gemalto has/is also pushing this concept though: > > http://w2spconf.com/2009/papers/s4p4.pdf > > My opinion is that you need a subsystem i

[opensc-devel] OpenSC priority page on wiki

2010-04-29 Thread Jean-Michel Pouré - GOOZE
Dear friends, I read a lot of information on the mailing list about current projects. Some projects like PostgreSQL have a to-do list page, where all ideas are collected by authorized persons. Example: http://wiki.postgresql.org/wiki/Todo The page is not a commitment, but just a list of ideas w

Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread Viktor TARASOV
Martin Paljak wrote: > On Apr 29, 2010, at 08:43 , gilles Bernabé wrote: > >> Oh interesting, but Java is much more heavy, if I remember correctly the >> Java plugin(JRE + JDK) is more than 40mb, the XPCOM plugin just takes some >> kb once installed. >> > > The ups and downs of Java have

Re: [opensc-devel] Sub-project for OpenSC with secure messaging and multi-applications

2010-04-29 Thread Viktor TARASOV
gilles Bernabé wrote: > Hello, > Oh Victor I've recently realized a Firefox plugin with XPCOM C++, > for the moment I've implemented a scriptable interface that permit to > send APDUs from the Javascript code, > so you can do HTTP GET and POST(in Javascript) to exchange APDUs with > a server. > I

Re: [opensc-devel] Crash in sc_pkcs15init_update_file when selecting a file fails

2010-04-29 Thread Ludovic Rousseau
2010/4/27 Viktor TARASOV : > Ludovic Rousseau wrote: >> >> Hello, >> >> $ gdb pkcs15-init >> GNU gdb 6.8-debian >> Copyright (C) 2008 Free Software Foundation, Inc. >> License GPLv3+: GNU GPL version 3 or later >> >> This is free software: you are free to change a