Re: [opensc-devel] W3C takes on Web+SecurityElements

On 10/3/2012 2:04 PM, Anders Rundgren wrote: > On 2012-10-03 20:45, Andreas Schwier wrote: >> Hmmm, so why would I want an IDP if I could prove my identity >> (certificate) and authenticity (client signature in SSL) with the >> credentials I have on my card ? The SSO aspect of the IDP... Using a

Re: [opensc-devel] W3C takes on Web+SecurityElements

On 2012-10-03 20:45, Andreas Schwier wrote: > Hmmm, so why would I want an IDP if I could prove my identity > (certificate) and authenticity (client signature in SSL) with the > credentials I have on my card ? > > Is it because SAML is easier to integrate than SSL client authentication > ? Or is i

Re: [opensc-devel] W3C takes on Web+SecurityElements

Hmmm, so why would I want an IDP if I could prove my identity (certificate) and authenticity (client signature in SSL) with the credentials I have on my card ? Is it because SAML is easier to integrate than SSL client authentication ? Or is it because I want my IDP (e.g. Google / Facebook) to know

Re: [opensc-devel] W3C takes on Web+SecurityElements

Hi Anders, of course I know your concept around SKS. My point is, that the security of the key provisioning mechanism must be grounded in the device itself. And because it is a limited device, the mechanisms must be a little more smart card friendly. That's why we designed the solution using stan

Re: [opensc-devel] W3C takes on Web+SecurityElements

On 2012-10-03 14:42, Andreas Schwier (ML) wrote: > Hi Anders, Hi Andreas, > > fine, just another API to access smart cards, token or secure elements - > this time using APDUs from within JavaScript. Why not ? > > I just don't see the application for it. What problem are they going to > solve ?

Re: [opensc-devel] Testing

I do not have MAC and cannot do the tests myself. If it's a regression, and if you have an access to MAC platform, you could try to determine the commit that introduced this problem. I do not see other way to resolve it . I propose to tag the 'rc1' and wait during certain time for more details or

Re: [opensc-devel] W3C takes on Web+SecurityElements

On 10/3/2012 5:08 AM, Andreas Schwier (ML) wrote: > So why do you think the smart card industry has never managed to get > their stuff "web compatible" ? > > Isn't OpenSC the best example that "Yes, you can access a protected > website / webapplication / webservice using a smart card and standard

Re: [opensc-devel] W3C takes on Web+SecurityElements

Hi Anders, fine, just another API to access smart cards, token or secure elements - this time using APDUs from within JavaScript. Why not ? I just don't see the application for it. What problem are they going to solve ? Would I trust some foreign JavaScript code in my browser to freely access my

Re: [opensc-devel] W3C takes on Web+SecurityElements

Il 03/10/2012 13:23, Anders Rundgren ha scritto: > What do you decipher from the following? > http://lists.w3.org/Archives/Public/public-sysapps/2012Jun/0058.html That Gemalto is interested in being an early player? :) BYtE, Diego. ___ opensc-devel mai

Re: [opensc-devel] W3C takes on Web+SecurityElements

On 2012-10-03 12:08, Andreas Schwier (ML) wrote: > So why do you think the smart card industry has never managed to get > their stuff "web compatible" ? > > Isn't OpenSC the best example that "Yes, you can access a protected > website / webapplication / webservice using a smart card and standard >

Re: [opensc-devel] new server hoster and adminstrator for opensc-project.org required

Am 03.10.2012 12:08, schrieb Jean-Michel Pouré - GOOZE: >> did anyone try the issue tracking and wiki functions on github ? Seems >> that it provides the same functionality as trac. > > You are right. > > Github features: > https://github.com/features/projects > > The issue tracking is already

Re: [opensc-devel] W3C takes on Web+SecurityElements

So why do you think the smart card industry has never managed to get their stuff "web compatible" ? Isn't OpenSC the best example that "Yes, you can access a protected website / webapplication / webservice using a smart card and standard based technology" works ? The issue really is, that the top

Re: [opensc-devel] new server hoster and adminstrator for opensc-project.org required

> did anyone try the issue tracking and wiki functions on github ? Seems > that it provides the same functionality as trac. You are right. Github features: https://github.com/features/projects The issue tracking is already in use: https://github.com/OpenSC/OpenSC/issues But I don't understand

Re: [opensc-devel] new server hoster and adminstrator for opensc-project.org required

Hi, did anyone try the issue tracking and wiki functions on github ? Seems that it provides the same functionality as trac. Migrating the data might be a pain, but also gives the opportunity to clean things up. I would prefer a solution where everything is nicely integrated. Other than that, I

[opensc-devel] W3C takes on Web+SecurityElements

http://www.w3.org/2012/09/sysapps-wg-charter Since the smart card industry have never managed making their stuff "web compatible" before, I assume they will fail this

[opensc-devel] Donation of a dedicated server to the OpenSC community

Le mercredi 03 octobre 2012 à 10:13 +0200, Jean-Michel Pouré - GOOZE a écrit : > What is your dedicated hosting plan? I am proposing to donate a Kimsufi 2G to the community and pay for it: http://www.kimsufi.com/fr/ It has a dedicated IP, an ATOM processor with 2G RAM and 1T disc space. Although

Re: [opensc-devel] Testing

Le mercredi 03 octobre 2012 à 09:17 +0200, Viktor Tarasov a écrit : > Ok, I will create the tag for release candidate. Please have a look at this Mac OS X package issue. I don't understand why the package build fails at final stage. Kind regards, -- Jean-Michel Pouré - Gooze -

Re: [opensc-devel] new server hoster and adminstrator for opensc-project.org required

> Beside this, one of the solution could be to : - move the sources of > the projects to github; - use my CI service for nightly builds; - > install on the same platform file server for release tarbals, RPMs, > MSIs, etc; - move onto the same platform wiki, trac and mailing > lists. Looks like th

Re: [opensc-devel] new server hoster and adminstrator for opensc-project.org required

Le mardi 02 octobre 2012 à 23:13 +0200, Andreas Jellinghaus a écrit : > So, have you agreed on something? I read different opinions, offers, > comments, but nothing that points out coming to some consent. What is > your preference? Since I'm not really active, I don't want to decide > this. Please

Re: [opensc-devel] new server hoster and adminstrator for opensc-project.org required

On Tue, Sep 18, 2012 at 11:33 AM, Jean-Michel Pouré - GOOZE wrote: > > Dear all, > > > wouldn't it be better to move the remaining parts of the project to > > github ? > > Sorry if I did not catch this message before. > I volunteer to take part in this project with the community. > > Migrating the

Re: [opensc-devel] new server hoster and adminstrator for opensc-project.org required

Hello Andreas, On Tue, Oct 2, 2012 at 11:13 PM, Andreas Jellinghaus wrote: > So, have you agreed on something? I read different opinions, offers, > comments, but nothing that points out coming to some consent. What is your > preference? Since I'm not really active, I don't want to decide this. >

Re: [opensc-devel] Testing

Hello Andreas, On Tue, Oct 2, 2012 at 7:53 PM, Andreas Schwier (ML) < andreas.schwier...@cardcontact.de> wrote: > we've tested the nightly build (OpenSC-git20121002092635-win32.msi) that > includes write support for the SmartCard-HSM and found no issues. > > We've tested with our own PKCS#11 tes