2012/12/27 Ludovic Rousseau ludovic.rouss...@gmail.com:
Hello all,
2012/12/26 Viktor Tarasov viktor.tara...@gmail.com:
On Wed, Dec 26, 2012 at 3:56 PM, Andreas Jellinghaus andr...@ionisiert.de
* mailing lists: no idea what the current status is (i.e. this is a
test mail). Do we have new
Hi,
merry xmas / happy holidays everyone!
If you don't read this in the coming day: all is fine, enjoy your time
off with friends and family or skiing or ...
But for those with time on their hands for open source project work:
can someone summarize the current status of our server migration?
*
opensc has a test suite that does very similar things - create a key,
take some content, hash it, sign the hash, verify it.
or take some content, and encrypt/decrypt it, verify the result is ok.
check that code, most of it will be very similar to
what you have, except for the smart card specific
2012/11/21 Martin Paljak mar...@martinpaljak.net:
On Thu, Nov 15, 2012 at 7:12 PM, Anders Rundgren
anders.rundg...@telia.com wrote:
Another hurdle is that the GP security model is incompatible with the
Internet: GP presumes mutual authentication AFAIK. This is how the
Google Wallet
2012/11/21 Martin Paljak mar...@martinpaljak.net:
On Wed, Nov 21, 2012 at 8:55 PM, Andreas Jellinghaus
andr...@ionisiert.de wrote:
2012/11/21 Martin Paljak mar...@martinpaljak.net:
On Thu, Nov 15, 2012 at 7:12 PM, Anders Rundgren
anders.rundg...@telia.com wrote:
Another hurdle
2012/11/16 Peter Stuge pe...@stuge.se:
Ludovic Rousseau wrote:
Andreas, the host available at opensc-project.org will disapear at the
end of the year 2012 [2].
I think you misunderstood what Andreas wrote in his email.
I think that what Andreas was saying is that someone else needs to be
2012/11/16 Viktor Tarasov viktor.tara...@gmail.com:
Hello Peter,
Le 16/11/2012 21:42, Peter Stuge a écrit :
Viktor Tarasov wrote:
I propose to start migration the week 19-25.11 . I'll have more free time:
- sources: all sources will migrate to github;
- CI: CI server is currently hosted by
Hi,
I wonder what we can or should do to improve the state of the project.
It seems to me:
* the last release was 0.12.2, released on 17.07.2011, not enough
progress to create a release since.
* that is a maintenance release, the last major version was opensc
0.12.0 in 22-Dec-2010.
* discussions
opensc needs very few resources I think, so a much smaller system would
work as well I guess.
but if there is noone specialised on setting up such a server and keeping
it running well and secure, maybe
using some service like code.google.com, sourceforge, savannah or github or
others would be
So, have you agreed on something? I read different opinions, offers,
comments, but nothing that points out coming to some consent. What is your
preference? Since I'm not really active, I don't want to decide this.
I checked googlegroups and code.google.com, worst case I can figure out how
to
2012/9/27 Martin Paljak mar...@martinpaljak.net
On Sat, Sep 22, 2012 at 1:41 PM, Andreas Jellinghaus
andr...@ionisiert.de wrote:
In my mind keys could optionally contain application-oriented ACL
telling
which
applications they trust so that even if you install a bad App, it
would
2012/9/25 Peter Stuge pe...@stuge.se
NdK wrote:
IIUC that bit is not authenticated, so a MITM attack can force both
the
reader and the card think the other party doesn't support PIN auth,
making the card sign the transaction anyway, regardless the amount
involved. So IMVHO it's
2012/9/23 Anders Rundgren anders.rundg...@telia.com
On 2012-09-23 12:04, Andreas Jellinghaus wrote:
2012/9/22 Anders Rundgren anders.rundg...@telia.com mailto:
anders.rundg...@telia.com
On 2012-09-22 17:27, NdK wrote:
Il 22/09/2012 12:41, Andreas Jellinghaus ha scritto
2012/9/24 NdK ndk.cla...@gmail.com
Il 23/09/2012 11:52, Andreas Jellinghaus ha scritto:
In my mind, the SE should take over display and touch controller by
hardware means, so absolutely no app can snoop user input or fake it.
Too bad seems nobody really *needs* that level of security
2012/9/25 NdK ndk.cla...@gmail.com
Il 24/09/2012 21:37, Andreas Jellinghaus ha scritto:
no, I was refering to all the magic solutions that make things secure
suddenly.
there was a good comic strip I can't find just now...
Hackers view: oh, no, this laptop is protected by 4096-bit RSA
2012/9/22 NdK ndk.cla...@gmail.com
Il 22/09/2012 12:41, Andreas Jellinghaus ha scritto:
In my mind keys could optionally contain application-oriented ACL
telling which
applications they trust so that even if you install a bad App, it
would for
example not be able
2012/9/22 Anders Rundgren anders.rundg...@telia.com
On 2012-09-22 17:27, NdK wrote:
Il 22/09/2012 12:41, Andreas Jellinghaus ha scritto:
In my mind keys could optionally contain application-oriented ACL
telling which
applications they trust so that even if you install a bad
Am 20.09.2012 21:06 schrieb Anders Rundgren anders.rundg...@telia.com:
http://nelenkov.blogspot.se/2012/08/accessing-embedded-secure-element-in.html
Very interesting IMHO.
Agree, thanks for sharing.
According to the author SD-slots are becoming exceptions also for Android
so this is
Am 21.09.2012 09:41 schrieb Ludovic Rousseau ludovic.rouss...@gmail.com:
Hello,
2012/9/20 B. Scott Michel sco...@aero.org:
I'm debating whether to submit a pull request on github with patches to
reduce gcc's warnings to a minimum (actually, completely eliminated.)
However, the patches
2012/9/22 Anders Rundgren anders.rundg...@telia.com
On 2012-09-22 08:58, Andreas Jellinghaus wrote:
Am 20.09.2012 21:06 schrieb Anders Rundgren
anders.rundg...@telia.commailto:
anders.rundg...@telia.com:
http://nelenkov.blogspot.se/2012/08/accessing-embedded-secure-element-in.html
A small follow up: As far as I know the server does:
* svn server / code repository
* svn server / release tar.gz repository (also containing binaries)
* build robot to create nightly builds and or automated builds (jenkins?)
* many trac repositories - wiki, browser for svn, bug tracking (the bugs
Hi,
opensc-project.org needs a new home: someone with a (real or virtual)
server and the interest in
setting it up from scratch and keeping it running and maintaining that
server, installation and service
for the project. someone who is able to win the trust of the community as
new server
2012/6/11 Jean-Michel Pouré - GOOZE jmpo...@gooze.eu
Dear Andreas and all,
Nice to hear from you.
the software running opensc-project.org is getting very, very old.
I didn't upgrade it when Martin had plans to rebuild the server on
real hardware somewhere,
but that didn't happen for
/ tar.gz files etc.
* buildreview system (jenkis/gerrit/...?)
not sure if github covers all of that. sourceforge might - not sure, other
service: no idea.
Regards, Andreas
Alon.
On Mon, Jun 11, 2012 at 10:31 PM, Andreas Jellinghaus
andr...@ionisiert.de wrote:
Hi everyone,
the software
Hi everyone,
the software running opensc-project.org is getting very, very old.
I didn't upgrade it when Martin had plans to rebuild the server on real
hardware somewhere,
but that didn't happen for years now, and the installation is getting older
and older.
Is anyone interested in working on
2012/3/22 Anders Rundgren anders.rundg...@telia.com
Somewhat related to the OpenSC organization discussions:
http://www.globalplatform.org/documents/Consumer_Centric_Model_White_PaperMar2012.pdf
I must confess I don't understand a thing of this, neither the business
model,
the consumer
Am Freitag 25 November 2011, 19:39:43 schrieb Niclas Hoyer:
Hi,
I'm running a recent ArchLinux on a Thinkpad x60t and installed a
CardMan4040 pcmcia card reader.
OpenCT works, at least I get an ATR:
Buy a real card reader, CardMan 4040 never worked right in all these
years, as far as I
I'm transfering the domain to Martin right now. He already configured
everything, so you shouldn't notice anything. If you run into any trouble,
please contact a...@dungeon.inka.de and mar...@martinpaljak.net.
Thanks, Andreas
___
opensc-devel mailing
Hi Daniel,
Am Sonntag 21 August 2011, 23:23:36 schrieb Daniel Kahn Gillmor:
On 08/21/2011 12:36 PM, Peter Marschall wrote:
* renable zlib readline support
[...]
what about a new, official Debian package, with my changes as the
starting point as starting point?
i don't think these
Am Donnerstag 04 August 2011, 22:39:23 schrieb sibu xolo:
#---
#openct-control status
No. Name Info
===
0 Rainbow iKey 3000slot0: card present
Am Sonntag 07 August 2011, 11:32:58 schrieb Ludovic Rousseau:
2011/8/7 Andreas Jellinghaus a...@dungeon.inka.de:
Am Samstag 06 August 2011, 15:49:24 schrieb Ludovic Rousseau:
Hello,
I just released a new version of pam-pkcs11. I added the file
pam_pkcs11-0.6.7.tar.gz in the SVN
Am Donnerstag 07 Juli 2011, 23:13:30 schrieb Martin Paljak:
At least one person should be subscribed to the listmaster address, even
if only to find out if anything is broken and fix it, or a human sends
an email asking for help. Any volunteers?
Have been doing this for a few years or so.
Hi,
I really don't have time to look at all the emails I get daily from the
mailing list manager we are using - most of it is spam send to the list (and
blocked, as only subscribers can post), but sometimes real people send mail to
the list and either they need to subscribe and send it again,
some small questions:
what about code review tools/sites like gerrit? Are those usefull for open
source projects?
maybe those are also easier to use for both submitting patches and merging
those than posting patches to mailing lists or attaching them to tickets?
also I'd think that anyone doing
Hi Martin,
with the svn to git migration, I'm disabling my snapshot script.
Is that ok? How cna jenkins create new tar files and upload those
to opensc-project.org? Or can you run the service on the server
directly?
One thing that needs to be dealt with is opensc-commits, which also
includes
Hi everyone,
I moved the server vm to a different host a few days ago.
Is there any issue with the new host? There shouldn't be,
and except for a small downtime (some hours) and a change
in the ip config and name servers, there shouldn't have been
any hickups.
If you see any problem with the new
Hi,
I have a new server for hosting my virtual domains.
So I will soon move all domains - including opensc - to
this new server. That will create a downtime of a few minutes,
and maybe a bit of a chaos for max. one day, as the ip address
will change. I'm trying to get dns and whois info changed
Migration took a bit longer, but now the vm is running
on the new server (i.e. this is a test email). More small
hickups tomorrow, as we migrate the dns server.
Good night and best regards,
Andreas
___
opensc-devel mailing list
not sure about athena, but many cards return the number
of tries left, when you try to VERIFY a PIN. so if the
PIN is wrong, the lower byte or nibble of the return code
could be the number of tries left, and you can generate
a messagebox from that.
Good Luck!
Regards, Andreas
Am Donnerstag 17 Februar 2011, um 22:24:41 schrieb NdK:
I've found a lot of tutorials to use openssl to generate self-signed
certs (OK for my root CA), but couldn't find one where the signature is
done by the card. Even on
http://www.opensc-project.org/engine_pkcs11/wiki/QuickStart
no, that
Am Donnerstag 17 Februar 2011, um 23:30:57 schrieb NdK:
On 17/02/2011 22:55, Andreas Jellinghaus wrote:
no, that wiki page is correct and works for me - done it a hundred times.
it uses the key on the card, and the card does the signature (you cannot
read the private key, a smart card won't
Am Sonntag 13 Februar 2011, um 21:39:17 schrieb NdK:
What's the downside of setting it to bigger size? Maybe even 8192 or so?
Can I override default profiles on a per-user basis in a simple way? I
already tried copying myeid.profile and using -p, but I had to use
I haveno clue about myeid cards.
but in general you need to edit the profile to set the size of the
*DF files (directory files, i.e. files with the list and attributes
of all certs / keys / whatever). If some fileis too small, all you can do
is erase the whole card and create a new pkcs#15
Am Mittwoch 09 Februar 2011, um 19:51:15 schrieb LIMIN Thomas:
Hello
I have an Aladdin eToken Pro 72k Java.
According to http://www.opensc-project.org/opensc/wiki/AladdinEtokenPro:
The eToken PRO is fully supported by OpenSC and is well tested
yes. but eToken PRO and eToken PRO 72k are
Am Dienstag 08 Februar 2011, um 09:08:38 schrieb Ludovic Rousseau:
I would not say openssh is slow or fast. That is not the problem here.
It is _expected_ to have a _highly_ variable time for prime number
generators.
maybe some smart cards add extra delays if they find a random number
fast, so
Am Samstag 15 Januar 2011, um 00:21:45 schrieb Lionel Elie Mamane:
Then please change the Reply-To of the opensc-commit mailing
list... Commit messages come with
Reply-To: opensc-de...@opensc-project.org,
opensc-devel@lists.opensc-project.org
Messages sent by humans seem to
Am Sonntag 06 Februar 2011, um 20:29:49 schrieb Ludovic Rousseau:
I just got catch by this configuration bug.
Mails sent to opensc-de...@opensc-project.org are rejected. So
replying to a opensc-commit mail will generate a mail error.
The opensc-commit Reply-To: header need to be fixed.
Am Sonntag 06 Februar 2011, um 20:23:59 schrieb Ludovic Rousseau:
2011/2/6 webmas...@opensc-project.org:
Revision: 5185
Author: andre
Date: 2011-02-06 17:28:30 + (Sun, 06 Feb 2011)
Log Message:
---
Revert r5137, because size_t is defined as unsigned integer type
Am Montag 31 Januar 2011, um 10:35:47 schrieb Ludovic Rousseau:
I don't know if it is possible to specify a PPS.
It is not possible to do that using pcsc-lite unless the driver has
support for it.
ok, thanks for the advice! more reason to return cards with broken
atr to the manufacturer :)
Hi everyone,
this is a bit off topic, but I hope you can still give
me some advice about PCSC api usage (mostly on win).
background: I'm changing some commercial code at work from
a proprietory interface to standard PCSC interface and
wonder how you can do some of these things...
Is there a
Am Mittwoch 26 Januar 2011, um 12:12:42 schrieb Nikos Mavrogiannopoulos:
I don't understand what you mean by a reasonable enrollment system, however
having seen the EMV protocol, I believe that the available PKCS #11
compatible smart-cards have a much higher security level than EMV bank
cards.
Am Donnerstag 06 Januar 2011, um 14:57:35 schrieb Peter Stuge:
Cool. I'm not sure exactly how to implement that $handling, it also
depends a bit on what tools and processes are used on the server.
see one of my last emails in the thread. postfix has everything we need
build in.
I also think
maybe use a central ca creating the keys and storing
them (and the cert) on the cards? that way the key
would be created by the hsm of the ca.
of course you would need a card with secured and
authenticated connection to it, so you can be sure
to store keycert on the card of your choice.
opensc
Am Mittwoch 05 Januar 2011, um 18:26:10 schrieb Peter Stuge:
The motivations are, again:
* to have one canonical mailing list address
+ meaning that mail to other addresses has some handling
to help guide posters to the canonical address (ie. something
better than current
Am Mittwoch 05 Januar 2011, um 13:24:43 schrieb Peter Stuge:
Andreas Jellinghaus wrote:
the biggest argument of course is: why change a working system?
But it isn't working, that's the point. It's ambiguous and
unneccessary to have two addresses for the list and every now
Am Montag 03 Januar 2011, um 23:59:47 schrieb Peter Stuge:
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
I would appreciate if we could change the canonical email address of
the list to be *without* the lists.
Hi everyone,
I'm really sorry and it is frustrating, but things went
wrong here and I won't be able to make it to fosdem this
year. Still I hope many of you can make it and will have
a good time.
With best regards, Andreas
p.s. And a happy new year to all of you!
the biggest argument of course is: why change a working system?
also, it might affect every single user, if we change the email
address of the list, so that alone is a very good reason to not
do that.
Hm? Is anyone using email addresses @opensc-project.org ?
19 emails to
Am Montag 20 Dezember 2010, um 07:39:43 schrieb Nikolay Elenkov:
On 2010/12/20 15:23, Andreas Jellinghaus wrote:
2.) a PKCS-CSP such as the ID-Ally CSP, CSP#11 or PKCSCP - all these
packages implement a CSP, but they don't talk to the smart card
directly. Instead they load a pkcs
Hi Jean-Michel,
there is no PKCS#11 smartcard, as the format of the data has nothing
to do with the API of the software used to access the card.
The traditional way for windows software is this:
1.) a baseCSP minidriver to access the card combined with
2.) a PKCS#11 plugin to access the card,
http://www.h-online.com/open/news/item/When-a-smart-card-can-root-your-
computer-1154829.html
http://www.heise.de/security/meldung/Wenn-die-Smartcard-den-Rechner-
rootet-1154599.html
Heise reports a security issue found in OpenSC. As far as I can see
the code was added in 2004 to the starcos
Hi everyone,
is anyone going to cartes? that is the biggest smart card exhibition
as far as I know, in paris 7.12. - 9.12., i.e. starting tomorrow.
If so, please feel free to send report, I guess everyone is
interested about all the new stuff you can tell us about.
Personally I'd be interested
Am Montag 06 Dezember 2010, um 19:44:58 schrieb Martin Paljak:
Hello,
On Dec 6, 2010, at 8:13 PM, Andreas Jellinghaus wrote:
Personally I'd be interested in:
* cheap jcop cards (contact only, dual interface, or
as cheap usb stick). and of course resellers that sell
them
Am Sonntag 26 September 2010, um 14:52:58 schrieb Viktor TARASOV:
Hi,
what is the maximal possible size of the file to commit into the
'svn/files/trunk/contrib/' ?
My attempt to upload the MSI of the opensc-sm, that weights a little bit
more the 2M,
was refused with error '413 Request
Am Mittwoch 22 September 2010, um 08:28:41 schrieb Jean-Michel Pouré - GOOZE:
Le mardi 21 septembre 2010 à 19:25 +0200, Andreas Jellinghaus a écrit :
I haven't found a nice hostel so far. any suggestions?
Several years ago, I stayed in Sleep Well Youth Hostel
http://www.fosdem.org/2011
Am Donnerstag 23 September 2010, um 02:49:56 schrieb Andre Zepezauer:
Therefore my question is: Do you think it could be worthwhile to take
some efforts on standardising on *one* single definition of pkcs11.h?
And given the case it would be worthwhile, how to start such an effort?
talk to rsa
Am Dienstag 21 September 2010, um 07:17:15 schrieb Peter Stuge:
FOSDEM loves this. Reading http://fosdem.org/2011/call_for_devrooms
they say over and over that they want related projects to cooperate,
and they will be prefered at the conference.
Should we organize ourselves a foss crypto
Hi everyone,
I always wanted to go to FOSDEM conference in Brussels, Belgium.
Next year the conference will be on 5th and 6th of february.
Maybe more people on this list are interested in going there
and meeting up, and maybe having a devroom, a talk, or whatever
other options we have?
Last
Am Sonntag 05 September 2010, um 17:22:31 schrieb Emanuele Pucciarelli:
Hello,
I have an issue with Trac. Since I have reset my password I can't seem
to login. If I try to login with a wrong password, then the correct
error message comes up.
trac.log:
2010-09-05 16:18:44,853 Trac[session]
Hi everyone,
we got some spam on our list, send by people using the list
address as from: in smtp. I changed our email config to
check the smtp sender address properly (valid host etc.)
and also blacklisted our mailing lists as from address.
I hope that works - reduces spam send to opensc and
Am Montag 30 August 2010, um 22:13:34 schrieb Andre Zepezauer:
what do you think of dropping the possibility to initialise CardOS smart
cards in 0.11.14? The reason of doing so, is to stop the production of
more of these questionable split-key cards.
Very bad idea. CardOS is working very well
the hoster of opensc-project.org is moving the machine
to a new data center, thus the machine will be unavailable
from
august 30th ~22:30 CEST
to
august 31st ~07:30 CEST
Regards, Andreas
___
opensc-devel mailing list
Am Sonntag 18 Juli 2010, um 00:16:15 schrieb Stef Walter:
Is there a spec around for specifying to applications which PKCS#11
modules to load and how to initialize them?
I'm thinking something along the lines of PAM conf files, where you can
specify which PAM modules different applications
Am Mittwoch 14 Juli 2010, um 19:41:09 schrieb David Woodhouse:
On Wed, 2010-07-14 at 20:31 +0300, Martin Paljak wrote:
http://pcsclite.alioth.debian.org/unsupported.html#0x05290x0620
It is not supported / only works without a reset.
Thank you. With 'connect_reset=false' in opensc.conf,
Hi Kerstin,
Am Mittwoch 07 Juli 2010, um 14:05:42 schrieb kerstin.ho...@uv.ruhr-uni-
bochum.de:
Hi Andreas,
I checked out 0.12.0-svn-r4413. With this version, our cards work again.
In the previous versions (up to release candidate 0.11.14) it seems to be
the change of flag
If you initialize a card with old opensc and split-key,
and then try to use or alter it with the new opensc with
that patch, does it still work?
I didn't touch some parts of the code, because I feared
to break support for old opensc cards initialized with
split-key. we should never do that IMO,
Am Montag 21 Juni 2010, um 08:47:07 schrieb Jean-Michel Pouré - GOOZE:
On Sat, 2010-06-19 at 19:06 +0200, Andreas Jellinghaus wrote:
google pkcs11-spy and the first hit is:
http://www.opensc-project.org/opensc/wiki/UsingOpensc
Thanks I updated the doc with examples.
Now, I try
Am Freitag 18 Juni 2010, um 14:09:33 schrieb Johannes Becker:
Am Montag 14 Juni 2010 schrieb Andreas Jellinghaus:
1.) define a test.
for example pkcs11-tool --test --login --pin ... --slot
I didn't succeed yet in testing all you've proposed.
Here an intermediary result.
The RUB-Card
Am Freitag 18 Juni 2010, um 15:44:57 schrieb Alessandro Premoli:
Is there a plan to switch from libassuan 1 to libassuan 2, as gnupg just
did, for the signer browser plugin?
there is not a single known user of the signer plugin,
thus we removed it from opensc code, and the next major
release
Am Donnerstag 17 Juni 2010, um 13:25:42 schrieb kerstin.ho...@uv.ruhr-uni-
bochum.de:
Hi,
thanks for your reply. I will try the code in the trunk next week.
good!
I already tried the release candidate 0.11.14-rc1. This does not work with
our cards, we have the same problem as with version
Am Mittwoch 09 Juni 2010, um 12:41:51 schrieb Johannes Becker:
Hello,
I got a card for testing purposes from the Ruhr-Universität Bochum.
It works with Windows, the newest Firefox and opensc-pkcs11.dll from good
old smart card bundle. (opensc 0.11.4).
It doesn't work on Debian Linux
to the card. (i.e. the old code wrote the flag to the card,
that shouldn't have happened, and any way the new code should read the
card code, and then add any internal flags necessary...)
There has already been a posting by Andreas Jellinghaus at 12.March 2010,
removing --split-key,using
you seem to be confused: noone is merging trunk into 0.11.4.
for 0.11.* there is maintanence only:
some urgent bugs are fixed in a new 0.11.* release, with those
important bug fixes only.
trunk is incompatible ABI and API wise with 0.11.* so it can't
be merged without breaking ABI and API. the
Am Donnerstag 27 Mai 2010, um 10:57:58 schrieb Juergen Beisert:
what is missing are some small issues:
* license: LGPL-2.1+? or 3-BSD? or some other license?
In my next version I replaced the license information by a link to
the 'LGPL-2.1' file. Okay?
ok. best use the template in the
Am Donnerstag 27 Mai 2010, um 11:01:53 schrieb Kalev Lember:
What API/ABI stability are you talking about?
right. since only the tools inside opensc source code use
libopensc, there is no need to worry about ABI/API any more.
so let me rephrase the question:
can we target a new stable release
Am Dienstag 25 Mai 2010, um 15:54:10 schrieb Ludovic Rousseau:
You may want to specify a LGPL license version. 2.1 or 3.0 or (at your
option) any later version?
I had a quick look at the other OpenCT files and they do not use the
standard LGPL license text.
And the license version is not
the code looks good to me. very clean, nice!
what is missing are some small issues:
* license: LGPL-2.1+? or 3-BSD? or some other license?
* the whole picture: if someone has a patched kernel
and openct with these changes: how does he get it to
work? mknod to create a device and a static
Am Donnerstag 20 Mai 2010, um 10:11:03 schrieb Juergen Beisert:
That's exactly what I have. But to bring such kind of driver into the
mainline kernel, the API to the kernel space must be more generic. That's
the reason, why I'm asking for more uses cases for these SmartCards than I
have with
Am Donnerstag 20 Mai 2010, um 09:47:19 schrieb Juergen Beisert:
Hi Andreas,
Andreas Jellinghaus wrote:
Thinking about it for a few more minutes, I have a much better
advice: implement a serial port.
That was also an idea of Alax Cox. But this implies to emulate the whole
reader
It would be great if the entersafe driver could be improved
to the point, where src/test/regression/ test suite works
with the cards. The test suite provides a very good way for
us to test many different card features, and make sure new
versions of opensc still work as good as old cards.
I think
Am Mittwoch 19 Mai 2010, um 15:32:22 schrieb Juergen Beisert:
I don't know if this is the correct list to ask this question. If not,
please give me a pointer.
muscle list has even more experts on writing drivers I guess,
but opensc-devel should be fine, too.
Other SmartCard interfaces are
Am Mittwoch 19 Mai 2010, um 10:38:16 schrieb Alon Bar-Lev:
For a security product, I don't think it is wise to have default of
none secure behavior, especially such that allows everyone to use the
private objects once authenticated.
I agree. and I think openssl engine_pkcs11 breaks if you
Thinking about it for a few more minutes, I have a much better
advice: implement a serial port.
the reader-smart card interface is not that much different from
a serial port I guess, so in kernel land you should be able
to look at many existing drivers for serial ports, and implement
a simple
Am Mittwoch 28 April 2010 17:31:27 schrieb Jim Rees:
The Rainbow ikey seems to have been discontinued in 2007.
I thought it was never realy sold - only a few examples
made it to the distributors?
CyProtect
recommends AET IDp 1000 Token, which is JCOP41, as a replacement. Will
this work with
Am Sonntag 25 April 2010 20:56:44 schrieb Ludovic Rousseau:
And on Mac OS X Snow Leopard I do not have getline().
Maybe a correct solution is to test for the presence of getline in
configure.ac and use
#ifdef HAVE_GETLINE
#else
/* Windows and Mac OS X */
#endif
ah. windows is not an
Am Montag 26 April 2010 14:29:43 schrieb webmas...@opensc-project.org:
Revision: 4266
Author: viktor.tarasov
Date: 2010-04-26 12:29:42 + (Mon, 26 Apr 2010)
...
- buf[i] = _getch();
+ /* buf[i] = _getch(); */
+ buf[i] = getchar();
_getch() gets
Am Mittwoch 21 April 2010 16:38:24 schrieb webmas...@opensc-project.org:
Revision: 4264
Author: jps
Date: 2010-04-21 14:38:23 + (Wed, 21 Apr 2010)
wow, great! chears for jps!
does anyone know a source where I can buy a cardos 4.4 card? :)
also: once the startkey is changed from 00
Am Mittwoch 21 April 2010 21:01:51 schrieb Jim Rees:
I'm in need of a command line utility that can do https fetches given a
url, like wget, but use pkcs11 for the crypto ops, so I can store the
client cert/key on a smart card. Firefox will do this but it's overkill
and I need something
I think it is a great idea to implement these things!
forking a project is easy (every cp -r ... is a fork from my point of view),
but merging can be hard, depending on the tools you use.
thus my advice:
a) stay in opensc svn, but simply do
svn cp https:///svn/opensc/trunk \
Am Mittwoch 21 April 2010 08:34:29 schrieb Peter Stuge:
Again, what part of the PC system would be authenticated by the token?
Basically; what purpose does the authentication serve for the token?
for example I would like to put my openssh known_hosts on a smart phone,
so it is current with all
1 - 100 of 872 matches
Mail list logo
