Hello Andre,
(and a Cc to the list as you requested)
I know what you are trying to explain. Let me describe it from another POV:
I have a card (the Estonian ID-card to be precise) with an authentication key
and a non-repudiation key and with two PIN codes, PIN1 and PIN2.
The authentication key
Hello,
On Aug 3, 2010, at 11:05 PM, Andre Zepezauer wrote:
> in the interests of the users of OpenSC, it would be fair to apply the
> following patch.
FYI: I gathered all opensc.conf entries [1] that can have security/intrusion
related effects to the wiki page dealing with security considerations
Hello,
It is insecure if you use an insecure card with an insecure profile which does
not require PIN verification (user consent) before every operation.
It does not matter if your card is "secure" and/or the application using the
PKCS#11 module is built with security and usability in mind (not
Dear OpenSC developers,
in the interests of the users of OpenSC, it would be fair to apply the
following patch.
Kind Regards
Andre Zepezauer
Index: etc/opensc.conf.in
===
--- etc/opensc.conf.in (revision 4620)
+++ etc/opensc.conf.