Ludovic Rousseau wrote:
* Trac/Wiki/ - any progress here? I remember so offerings and
questions to migrate, but no status update since - maybe I missed it?
We are waiting solution from Peter.
I don't think we can count on Peter. I had a bad experience on the
libusb project and
Andreas Jellinghaus wrote:
* Trac/Wiki/ - any progress here? I remember so offerings and
questions to migrate, but no status update since - maybe I missed it?
No progress, the offer is still good, but no chance of making it
happen before end of year.
//Peter
Ludovic Rousseau wrote:
Merging a pull request from github adds a merge pull request commit.
The history is then not very nice (linear) but I don't know a better
way using the github web interface.
It isn't neccessary to use the github web interface just because
github is used to host the
frederic.comb...@cea.fr wrote:
Here is my patch (actually, 2 patches that depend if the patch
concerns only the error 2328 (patch 1) or the whole block
processing the return value of verify_certificate() (patch 2)).
Patch 1 is obviously incorrect because your change is inside a
conditional.
Michael Wisniewski wrote:
Could not open module /usr/lib/vmware/view/pkcs11/libopensc-pkcs11.so.so:
/usr/lib/vmware/view/pkcs11/libopensc-pkcs11.so.so: cannot open shared
object file: No such file or directory
I was wondering if you knew which package I would have to install to obtain
Ludovic Rousseau wrote:
The idea of git is to _not_ have to give access. Just send pull
requests and I (or another admin) will pull your code.
Yes and no. Multiple people writing to a central repo works perfectly
fine also with git.
//Peter
___
Ludovic Rousseau wrote:
Andreas, the host available at opensc-project.org will disapear at the
end of the year 2012 [2].
I think you misunderstood what Andreas wrote in his email.
I think that what Andreas was saying is that someone else needs to be
root and care for the machine.
I don't
that Peter Stuge proposed to do something
with Trac.
Peter, if you are here, can you take this part, or at least explain
how it could be done, please?
If no suggestions, Trac can also be hosted by 'opensc.fr' .
Educating someone on how to do a migration is as I'm sure you know a
whole lot more work
Andreas Jellinghaus wrote:
I wonder what we can or should do to improve the state of the project.
I think it's clear that only very few entities are putting resources
into the project.
there hasn't been any real discussion, no back and forth about the
merrits of the different proposals, and
Viktor Tarasov wrote:
- mailling list: the same, if no other suggestions, I'm ready to
install/migrate it to 'opensc.fr' platform.
Would be nice if one of the experts explain what is the actions to
follow for such migration.
I don't like mailman too much. I've set it up, but I don't use
Anders Rundgren wrote:
http://www.theregister.co.uk/2012/11/13/trustzone_company
Smart cards? Don't think so.
TrustZone isn't half bad hardware.
But I bet that the solution they come up with will still use exactly
the same old APDUs, with just a minimum bolted-on, in order to make
something
Andreas Jellinghaus wrote:
if there is noone specialised on setting up such a server and keeping
it running well and secure
There is, and my offer still stands.
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
Jean-Michel Pouré - GOOZE wrote:
Can you help?
Difficult without actual error output. The mail only included the
executed commands.
//Peter
pgpyInSbTHDae.pgp
Description: PGP signature
___
opensc-devel mailing list
Ravneet Singh Khalsa wrote:
Is there equivalent command for Windows specific environment ?
The command seems to be pointing to engine_pkcs11.so and
opensc-pkcs11.so files. I couldn't find these files anywhere.
..
I am a programmer and I understand only programming languages.
It's good for
Andreas Schwier wrote:
I will first need to write a small test in C to reproduce the problem.
Right now we test from Java, which makes debugging a real nightmare.
Maybe you can reproduce it using some of the existing command line
tools?
//Peter
___
NdK wrote:
IIUC that bit is not authenticated, so a MITM attack can force both the
reader and the card think the other party doesn't support PIN auth,
making the card sign the transaction anyway, regardless the amount
involved. So IMVHO it's quite serious...
NdK wrote:
IIUC that bit is not authenticated, so a MITM attack can force both the
reader and the card think the other party doesn't support PIN auth,
making the card sign the transaction anyway, regardless the amount
involved. So IMVHO it's quite serious...
Jean-Michel Pouré - GOOZE wrote:
I was quite busy and failed to do any work these last days.
Remember how much easier it is to write email with opinion.
//Peter
pgpNhpOSPqCvo.pgp
Description: PGP signature
___
opensc-devel mailing list
Andreas Jellinghaus wrote:
A small follow up: As far as I know the server does:
* svn server / code repository
* svn server / release tar.gz repository (also containing binaries)
* build robot to create nightly builds and or automated builds (jenkins?)
* many trac repositories - wiki, browser
Peter Åstrand wrote:
proprietary BankID application
I suggest to try https://fribid.se/ out.
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Martin Paljak wrote:
IIRC it was apple who wants to make a phone self-register. Meaning
there are no parts to add or remove from the phone and you pair it to
your operator online. The question IMHO is how much do telcos want
to give up the freedom of controlling access to their networks...
Andreas Schwier (ML) wrote:
we've put in a pull request in github/opensc/staging to include a card
driver and PKCS#15 emulation module for our SmartCard-HSM [1].
That sounds nice. I haven't yet looked at the code.
This driver is a read-only driver that works with SmartCard-HSMs that
already
Viktor Tarasov wrote:
I would like to start preparation of the new release based on the
'staging' branch of GitHub OpenSC .
Your suggestions proposals are heartily welcome.
I suggest, as always, to not release anything without good review.
//Peter
Ludovic Rousseau wrote:
I don't know where the Gerrit's review directory is and could not
find a gerrit config file.
ps www $(pidof java)
$ pidof java
24079
$ ps www $(pidof java)
PID TTY STAT TIME COMMAND
24079 pts/2Sl+ 29:22 java -jar jenkins.war --httpPort=8889
Ludovic Rousseau wrote:
I don't know where the Gerrit's review directory is and could not
find a gerrit config file.
ps www $(pidof java)
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
Jean-Michel Pouré - GOOZE wrote:
do you confirm that anyone can now make a pull request using only GIThub?
As you know I for one am strongly against centering anything around
the github workflow, especially when gerrit is available.
//Peter
___
Jean-Michel Pouré - GOOZE wrote:
* Do we still fetch opensc-project development hooks?
scp -p -P 8882 www.opensc-project.org:hooks/commit-msg .git/hooks/ s
I don't know what it is for and propose to remove it.
Do you agree that it's difficult to propose to remove something you
don't know what
Jean-Michel Pouré - GOOZE wrote:
* If possible, I would like to restrict the number of concurrent
sessions in OpenSSH an set it to one. There should be no idle session.
If someone is already connected doing debugging, OpenSSH should reject
connection. This is the most tricky part of the
Jean-Michel Pouré - GOOZE wrote:
You can modify sshd a little or use some PAM module which I'm sure
can implement this policy.
For sshd you can start by setting MaxSessions to 1, but there's no
MaxAuthenticatedSessions setting. Be careful with MaxStartups, or
it becomes very easy to
Martin Paljak wrote:
Maybe it would be better to have a single sticky pkcs15-ish mapping
for a fixed profile card in a single location (like the pkcs15
emulation drivers) and allow pkcs15-tool (which does not try to create
any PKCS#15 structures) to re-generate exposed key slots and replace
Nguyễn Hồng Quân wrote:
I'm starting from the current codebase, which uses a emulation layer,
so I don't know other choice than continue with this approach.
First create the improved infrastructure in OpenSC that your work
needs.
Maybe it would be better to have a single sticky pkcs15-ish
Ludovic Rousseau wrote:
2012/5/27 Jean-Michel Pouré - GOOZE jmpo...@gooze.eu:
Sufficient privileges in GIThub should be granted to a group of people.
Trust is enough to agree on commits. FOAS means Free and Open.
FOAS = ?
I guess FOSS.
The open does however not mean that the entire world
Alon Bar-Lev wrote:
Peter, quality is not absolute term.
In computing I actually think it is; a high quality program does
exactly what it is supposed to do and never anything else.
Computers are very simple machines, so it is feasible for humans to
create such programs.
best algorithm
good
Jean-Michel Pouré - GOOZE wrote:
What I suggest is that OpenSC should be hosted on GIThub with write
access to core developers (at least 5/6 people).
Insisting on changing some hosting situation that has been set up is
nothing but obnoxious protesting and spitting on the already
established
NdK wrote:
BT-readers
Urgh... I wouldn't use a BT reader unless the card uses SM.
It's trivial, if you sniff the pairing, to decode the whole BT
traffic. And non-SM cards receive the pin as cleartext.
http://ubertooth.sourceforge.net/ about ~100 EUR including shipping.
//Peter
Viktor Tarasov wrote:
I still propose to merge the SM branch into the github:OpenSC-staging
and prepare it as candidate for release . It should not be difficult,
recently both branches has been synchronized.
The difficulty lies not in making something that builds, the
difficulty lies in
Anton Svensson wrote:
Hmm, what kind of info is needed? Dont have that much to be honest
Full debug logs from pcscd and/or opensc?
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
Jean-Michel Pouré - GOOZE wrote:
ease the collaboration process quickly or the community will set-up
its own tools.
Please stop blowing smoke. You want to fork so GO AND DO IT ALREADY!
You clearly have no desire to work together with all members of the
community. You've decided that only your
Jean-Michel Pouré - GOOZE wrote:
community, is there a way to agree to switch the 'public
staging' to 'SM' and use it as a principal base for releases?
I don't think there is.
//Peter
pgpmvOdeyPmxt.pgp
Description: PGP signature
___
opensc-devel
Ludovic Rousseau wrote:
1. rebase the SM branch over the OpenSC version in gerrit/staging
Okay. So all we need is a diff between SM and staging?
No. What you need is to extract all the SM patches and apply them
on the gerrit/staging branch.
Of course some conflicts are expected and need
Viktor Tarasov wrote:
How the 'staging', that you are working on, is related to the
'staging' branch of the OpenSC.git from github ?
Looking onto the git workflow
(https://www.opensc-project.org/opensc/wiki/DevelopmentPolicy)
I do not quite understand the place of 'staging' on the
Ludovic Rousseau wrote:
on the SM branch use: git format-patch origin to get the changes
in individual patch files.
on the gerrit/staging use: git am my_patch for all the previously
generated patches.
I would avoid doing this manually. git rebase really is the way to go.
I am still
Ludovic Rousseau wrote:
Gerrit has more than 200 patches still waiting the the backlog.
Many of them can't be merge since they do not 'fast-forward' and must
be rebased by hand.
Since the git commits were created without a Change-Id: we have 3
options (I think):
1. edit each commit message
Magosányi, Árpád wrote:
Graeme did some rework of the patch, but generally did not seem to
agree with the review. The new solution included the addition of new
API calls, however without any documentation. As anyone who has
looked at the code and doxygen output, libusb is quite well
Peter Stuge wrote:
So I would be in favor of letting main developers commit their
changes to ONE SINGLE git staging branch directly and let
developers/users fix the code.
It's an interesting idea, but it places a significantly higher
workload on the developers if there is more than one
Ludovic Rousseau wrote:
automatically send notifications for all new patches to the
opensc-devel mailing list,
Peter, can you explain how to setup gerrit for that? I think only
Martin can do that change as the gerrit admin.
It requires adding a patchset-created hook into the magic hooks
Ludovic Rousseau wrote:
Whenever I start pcscd manually:
sudo pcscd --foreground --debug
Use:
sudo /usr/sbin/pcscd --foreground --debug
Is it re-executing? Suggest do like sshd and refuse to start without
full path in that case.
//Peter
___
Jean-Michel Pouré - GOOZE wrote:
Just remember there was a peer discussing about a 60 second timeout bug
in libusb/pcscd. The first peer says the bug is in libusb. The second
peer says the bug is in libccid. And the bug never gets fixed. And ALL
tokens may suffer from this 60 seconds timeout.
Ludovic Rousseau wrote:
I think you are doing the good thing. Thanks.
I agree!
I encourage every user of the opensc-devel list to:
- create a gerrit account
- subscribe to the Email notifications. Go in Settings - Watched
Projects and check the 3 notifications boxes for the OpenSC project
Jean-Michel Pouré - GOOZE wrote:
iterative modifications and evolutions. This only happens if the
first version of a patch is committed fast and spreads using the
Internet.
WTF?
This goes diametrically against the goal of software quality.
It is becoming clear to me that you have absolutely
Magosányi, Árpád wrote:
6 months worth of patches which cannot be reviewed
This is simply not true. *Anyone* can register on Gerrit and review,
and *all* review is a helpful contribution!
The problem is not that the code can not be reviewed, but that noone
is doing review. Anyone can do it.
Jean-Michel Pouré - GOOZE wrote:
Unless you agree that by writing on the mailing list, we are going
to incorporate an association.
Jean-Michel, as I've said already, please stop the noise and go fork
if that is what you want! I promise I'll stay far away.
//Peter
pgprOilbqPvTj.pgp
Alon Bar-Lev wrote:
I will try again.
Thanks! It really helps!
The bureaucracy and lack of flexibility will inhibit contributions
and healthy *SMALL* community.
What bureaucracy do you mean? Requiring no build failure and review
in gerrit? I think those are acceptable requirements.
Jean-Michel Pouré - GOOZE wrote:
Jean-Michel, as I've said already, please stop the noise and go fork
if that is what you want! I promise I'll stay far away.
We don't want to fork, this would be stupid.
Please understand that whatever you try to organize democratically
will indeed be a
Jean-Michel Pouré - GOOZE wrote:
Please understand that whatever you try to organize democratically
will indeed be a fork. Open source is not democracy.
Peter, you are shooting yourself a bullet in the foot.
This isn't about me.
As written before, some people really believe to own
Viktor Tarasov wrote:
I still propose to temporarily use the alternatives jenkins gerrit.
It's IMO really stupid to fork anything, regardless if it is code or
infrastructure.
//Peter
___
opensc-devel mailing list
Viktor Tarasov wrote:
Could you explain here how can we 'move forward', preferably
without appealing to the absent persons and to the non-working
services?
No, a move forward idea is broken from the start.
Be specific. What is it that does not currently work and which is
critical for
Ludovic Rousseau wrote:
So I used the OpenSC documentation at [2] and rebased my staging
branch (from [3]) onto gerrit/staging.
Note that gerrit/staging is a so-called remote tracking branch, and
it's best not to commit to those to avoid conflicts if other changes
arrive from the remote than
Ludovic Rousseau wrote:
Change 2 now merged.
Ok!
I also tried with change 3
https://www.opensc-project.org/codereview/#change,3 but I get the
error:
Gerrit Code Review 8:45 PM
Change cannot be merged due to unsatisfiable dependencies.
The following dependency errors were
Hi,
Ludovic Rousseau wrote:
I don't know if gerrit is broken or if I do not know how to use it :-)
I would say that gerrit has some problem.
Example with https://www.opensc-project.org/codereview/#change,6
The status is Submitted, Merge Pending. And has not changed since
Feb 19 (one month
Peter Stuge wrote:
I made an attempt to kick change 1 loose.
Ok, so that worked. It would work fine to repeat this for each
change, even if it is a bit labour intensive at least now, to clear
the backlog. I've done it also for change 2 now.
As you may recall, approving and submitting the change
Ludovic Rousseau wrote:
I made an attempt to kick change 1 loose.
Done.
The status is now Merged and the change is available in git at
https://www.opensc-project.org/codereview/p/OpenSC but not yet on
git://github.com/OpenSC/OpenSC.git
I guess github is synced only periodically.
I note
Peter Stuge wrote:
The current config has strong arguments, even if it brings slightly
more inconvenience. I actually favor not changing the config, even if
we will have to rebase each and every change.
Thinking again about this, there's another possible problematic
situation which I don't
Douglas E. Engert wrote:
change,44 below is Vicktor's, not mine. I should not have said
I think I have to rebase the code, and do another pull request?
You can also do it!
//Peter
___
opensc-devel mailing list
Anders Rundgren wrote:
I don't know what USB P11 is, can you send me a pointer?
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
Although PKCS #11 is good it is not particularly popular on Windows.
It is
Douglas E. Engert wrote:
I am new to Gerrit too,
All right! I'm by no means an expert, but I have been using it in
several projects for a while, where I also helped with issues during
the migration, so please feel free to ask any questions.
but it looks like if 2 code reviews give a +1, the
Anders Rundgren wrote:
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
Maybe you would like to have an STM32F215-based token?
160 MHz, 128K RAm 1M Flash, USB HS, True RNG, AES
It may happen this year.
Douglas E. Engert wrote:
I have not tried this, but check out this token too:
http://www.goldkey.com/usb-smart-card-with-piv.html
Built-in PIV Support
Basic functionality and support for PIV cards and tokens already
exists in Microsoft Windows®, Mac OS® X, and many Linux®
Hi!
Jean-Michel Pouré - GOOZE wrote:
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
Feitian offers two ranges of products: CCID (ePass2003 and other
products) and HID over USB (ePass2001 and other
Jean-Michel Pouré - GOOZE wrote:
http://libusb.org/wiki/FAQ#CanIcreateadriverlessdeviceusingHIDclass
I wron't discuss as I don't know if improving HID for GNU/Linux is
really time consuming.
Hopefully you read the page anyway to find out about the
considerations for HID. It may still be
Jean-Michel Pouré - GOOZE wrote:
No need for token, but thanks for the offer! :) The code that already
supports the device is instead what I would look at. Is it available
online?
Sorry, it is not publicly available.
You mentioned that one component is the small proprietary HID code
for
Peter Stuge wrote:
You mentioned that one component is the small proprietary HID code
for Linux and that part is of course not available, but it seemed
like the other parts might be? Or did I misunderstand?
I think I did. I read your email again to check.
Can you say more about the software
Jean-Michel Pouré - GOOZE wrote:
1) The ePass2003 code was reviewed by Viktor and included in his branch.
You probably did not know, did not compile, did not test and therefore
Viktor's work is ignored.
This is appropriate in my opinion, because I do not think that the
commits are ready for
Viktor Tarasov wrote:
Nobody doubts that review in critical.
But what shall we do now, how can we 'move forward',
if the review/acceptance process is stopped at the Gerrit level
and the only person that is capable and has authority to do
something is absent for a long time already ?
I
Anders Rundgren wrote:
For non-government tokens like the excellent Feitian Epass2003
I would consider another approach: Updating the firmware to
emulate PIV so that we can put the middleware aside once and
for all.
I agree completely that all the legacy involved in tokens and cards
is
Jean-Michel Pouré - GOOZE wrote:
Until newbies can demonstrate that they have learned the right things
they are by definition not moving forward.
Come-on, we are not in a class-room or in an administration.
We are also not in a democracy. We are in a security related open
source project.
Viktor Tarasov wrote:
Nobody doubts that review in critical.
But what shall we do now, how can we 'move forward',
if the review/acceptance process is stopped at the Gerrit level
and the only person that is capable and has authority to do
something is absent for a long time already ?
Jean-Michel Pouré - GOOZE wrote:
We are also not in a democracy. We are in a security related open
source project.
Don't get me wrong. This is an organization issue. I am not talking
about forking OpenSC, this would be stupid.
Not neccessarily - if there is critical mass I think it is
Jean-Michel Pouré - GOOZE wrote:
I created an account on Gerrit and looked at this URL:
https://www.opensc-project.org/codereview/#q,status:open,n,z
Some issues are marked 18 February 2012 with Jenkins user.
So it seems we have GITHUB, Jenkins and Gerrit ...
All this seems complicated.
Peter Stuge wrote:
Please advise:
1) How to push a patch from GITHUB to OpenSC staging directory.
In two or three sentences.
I would do:
One-time setup:
a. Create Gerrit account and add username and public SSH key
b. git clone from github which has the patch
c. cd into cloned dir
d
Anders Rundgren wrote:
You didn't hear my presentation at FOSDEM 2012 but it was about
creating a token with a standard API so that you would as a
customer be able to just plug it in.
This is an advantage of USB P11. In Windows 8 and later there doesn't
even have to be a driver installed,
Jean-Michel Pouré - GOOZE wrote:
With Git, anyone and everyone is a committer.
The question here is flexibility:
What flexibility is needed? My point is that everyone can easily
create perfect patches, and given perfect patches which have been
peer reviewed there is no need for flexibility
Alon Bar-Lev wrote:
This project loses its flexibility, this is not an advantage.
I disagree. I find that Git allows all the flexibility developers
could ask for.
The cry for more committers is misguided. With Git, anyone and
everyone is a committer. If commits exist but are not being included
Frank Cusack wrote:
For example, if I had some key/cert on the card (and I know it can only
exist on the card -- this might happen before it is shipped to me or in
bulk secure provisioning on site) that is not able to be used for anything
externally. ie, you cannot encrypt,decrypt,sign or
Seriously, please trim replies.
Christian Hohnstaedt wrote:
Anything that can be signed by the card can be signed by a software
key, too.
Yes of course. But the point is that the card can come with the
special key pre-installed.
//Peter
___
Jean-Michel Pouré - GOOZE wrote:
Is there a way to store a 3DES key on smartcard, so it cannot be
extracted but still be usable by OpenSSL?
Maybe some card supports it, but usually it is undesirable for
performance reasons.
Symmetrical ciphers are usually intended for large amounts of data,
so
NdK wrote:
But I noticed that lastly every command is sluggish.
..
Is there something I should check or some more debugging I should enable?
Probably libusb bug #56 which has been fixed but not available
everywhere just yet. What distribution do you use?
//Peter
Martin Paljak wrote:
It is possible to access Gerrit Git interface through HTTP (instructions
pending) for pushing changes, also to check out code.
Feel free to reuse stuff from http://www.coreboot.org/Git
//Peter
___
opensc-devel mailing list
Douglas E. Engert wrote:
Is it possible to use:
https://jenkins.opensc-project.org/ instead of
https://www.opensc-project.org:/
https://www.opensc-project.org/autobuild/
https://gerrit.opensc-project.org/ instead of
https://www.opensc-project.org:8881/
Martin Paljak wrote:
Here is an overview of updates to opensc-project.org plumbing and Git.
Amazing effort Martin. Thank you so much for getting this done!
Gerrit uses OpenID for authentication (google.com has one, as do
many other websites) thus no new passwords needed.
In case anyone
Martin Paljak wrote:
Key is to build pcsc-lite with support for openct.
I guess you mean the opposite: build openct with pcsc-lite support.
Yes, that's right. Sorry for the confusion.
It would be nice if some OpenCT user would:
- remove CCID support from OpenCT default build
- make the
Niclas Hoyer wrote:
thanks for your help. I just copied your entries in /etc/reader.conf and
it worked!
Unfortunately, it just worked once really well. OpenCT crashed somehow
and now just responses with
ct_card_lock: err=-7
I haven't seen this on my system, but OK, let's solve that problem.
Niclas Hoyer wrote:
Unfortunately, it seems that the tar file, that HID uploaded is not correct:
$ tar xvf ifdok_cm4040_lnx_x64-2.0.0.tar.gz
tar: This does not look like a tar archive
Their web server is configured to automatically gzip compress file
names which end with .gz, so you get a tar
Niclas Hoyer wrote:
Um, ok, please let me know if I should spend time helping you to get
the cm4040 working?
Thanks for your help. I think I got it working now. I reinstalled
openct and double checked /etc/reader.conf.d/reader.conf
$ cat /etc/reader.conf.d/reader.conf
FRIENDLYNAME
Niclas Hoyer wrote:
I have set up OpenCT and cm4040 on a up to date full x64 ArchLinux
system. The only thing I had to do, after I installed
openct from AUR and pcsclite from the repositories was to first
comment out
#reader cm4040 {
#driver = ccid;
#device =
Andreas Jellinghaus wrote:
I'm running a recent ArchLinux on a Thinkpad x60t and installed a
CardMan4040 pcmcia card reader.
OpenCT works, at least I get an ATR:
Buy a real card reader, CardMan 4040 never worked right in all these
years, as far as I know.
Not so. I'm using one with
Niclas Hoyer wrote:
$ openct-tool list
0 CCID Compatible
$ openct-tool atr
Detected CCID Compatible
Card present, status changed
ATR: 3b ff 96 00 ff 81 31 ...
Good stuff. This means kernel driver and OpenCT are all in order.
In order to work easily with OpenSC and other software that
Ludovic Rousseau wrote:
The good news is that a new stable version of libusb should be
available soon.
Oh cool. Thanks for fixing it.
The patch has been available for a long time already, it has taken
libusb a good while to catch up with all issues.
Is it worth filing bugs with the
Alon Bar-Lev wrote:
However, there are some advanced cards that can generate
authentication token, so you can actually authenticate once using
PIN get authentication token out of the card (many can be available
at same time), then each transaction is authenticated using these
tokens. This
NdK wrote:
One of the projects on my TODO list (quite a long list :( ) is to
implement a suitable interface (CCID+virtual token? Could be better to
opt for something that doesn't require APDUs...) on an embedded system
w/ USB device interface...
Right. This is the idea for a USB p11 token
1 - 100 of 322 matches
Mail list logo
