Hello,
On Tue, Feb 21, 2012 at 16:46, Douglas E. Engert deeng...@anl.gov wrote:
It does not define a load key or any finalize
commands which would be needed by a production card management system.
I don't know about PIV internals, but maybe the finalize step is
automatic or not needed at all
Hello Anders,
On Tue, Feb 21, 2012 at 19:40, Anders Rundgren
anders.rundg...@telia.com wrote:
I have played with the idea of creating a secure stack-machine for
performing arbitrary cryptographic operations on result-data but I couldn't
figure out how this would work without introducing
On 3/23/2012 2:59 PM, Martin Paljak wrote:
Hello,
On Tue, Feb 21, 2012 at 16:46, Douglas E. Engertdeeng...@anl.gov wrote:
It does not define a load key or any finalize
commands which would be needed by a production card management system.
Martin, You really are catching up on your mail!
On 2012-02-20 23:22, Douglas E. Engert wrote:
On 2/20/2012 3:41 PM, Anders Rundgren wrote:
On 2012-02-20 21:40, Peter Stuge wrote:
Anders Rundgren wrote:
I don't know what USB P11 is, can you send me a pointer?
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been
On 2/21/2012 1:51 AM, Anders Rundgren wrote:
On 2012-02-20 23:23, Jean-Michel Pouré - GOOZE wrote:
snip
IMHO, CCID is superior as it is really plug-and-play under all systems.
Of course, CCID is needed, but it could be installed under all systems
by default. The last versions of libccid
On 2/21/2012 6:01 AM, Anders Rundgren wrote:
On 2012-02-20 23:22, Douglas E. Engert wrote:
On 2/20/2012 3:41 PM, Anders Rundgren wrote:
On 2012-02-20 21:40, Peter Stuge wrote:
Anders Rundgren wrote:
I don't know what USB P11 is, can you send me a pointer?
It's my old idea of
On 2012-02-21 16:17, Douglas E. Engert wrote:
On 2/21/2012 6:01 AM, Anders Rundgren wrote:
On 2012-02-20 23:22, Douglas E. Engert wrote:
On 2/20/2012 3:41 PM, Anders Rundgren wrote:
On 2012-02-20 21:40, Peter Stuge wrote:
Anders Rundgren wrote:
I don't know what USB P11 is, can you
On 2/21/2012 9:53 AM, Anders Rundgren wrote:
On 2012-02-21 16:17, Douglas E. Engert wrote:
On 2/21/2012 6:01 AM, Anders Rundgren wrote:
On 2012-02-20 23:22, Douglas E. Engert wrote:
On 2/20/2012 3:41 PM, Anders Rundgren wrote:
On 2012-02-20 21:40, Peter Stuge wrote:
Anders Rundgren
On 2012-02-21 18:16, Douglas E. Engert wrote:
snip
Pushing the ECDH Key Agreement to the token for use by the token
looks very interesting.
I meant based on your slides it looks like that is what you would like
to do as a new operation.
I'm not sure I understand what you are trying to
On 2012-02-19 19:11, Peter Stuge wrote:
Anders Rundgren wrote:
You didn't hear my presentation at FOSDEM 2012 but it was about
creating a token with a standard API so that you would as a
customer be able to just plug it in.
This is an advantage of USB P11. In Windows 8 and later there
Anders Rundgren wrote:
I don't know what USB P11 is, can you send me a pointer?
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
Although PKCS #11 is good it is not particularly popular on Windows.
It is
On 2012-02-20 21:40, Peter Stuge wrote:
Anders Rundgren wrote:
I don't know what USB P11 is, can you send me a pointer?
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
Maybe you would like to have an
On 2/20/2012 3:41 PM, Anders Rundgren wrote:
On 2012-02-20 21:40, Peter Stuge wrote:
Anders Rundgren wrote:
I don't know what USB P11 is, can you send me a pointer?
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of
Dear Peter,
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
Feitian offers two ranges of products: CCID (ePass2003 and other
products) and HID over USB (ePass2001 and other products).
At Gooze, we have HID
Anders Rundgren wrote:
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
Maybe you would like to have an STM32F215-based token?
160 MHz, 128K RAm 1M Flash, USB HS, True RNG, AES
It may happen this year.
Douglas E. Engert wrote:
I have not tried this, but check out this token too:
http://www.goldkey.com/usb-smart-card-with-piv.html
Built-in PIV Support
Basic functionality and support for PIV cards and tokens already
exists in Microsoft Windows®, Mac OS® X, and many Linux®
Hi!
Jean-Michel Pouré - GOOZE wrote:
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
Feitian offers two ranges of products: CCID (ePass2003 and other
products) and HID over USB (ePass2001 and other
Dear Peter,
http://libusb.org/wiki/FAQ#CanIcreateadriverlessdeviceusingHIDclass
I wron't discuss as I don't know if improving HID for GNU/Linux is
really time consuming.
Do you know how it is used by CryptoAPI and/or PKCS#11 applications?
CSP and PKCS#11.
Just contact me privately and I can
On 2012-02-20 23:23, Jean-Michel Pouré - GOOZE wrote:
snip
IMHO, CCID is superior as it is really plug-and-play under all systems.
Of course, CCID is needed, but it could be installed under all systems
by default. The last versions of libccid with udev really rocks. Pure
plug-and-play never
On 2012-02-19 13:32, Jean-Michel Pouré - GOOZE wrote:
Anders Rundgren wrote:
For non-government tokens like the excellent Feitian Epass2003
I would consider another approach: Updating the firmware to
emulate PIV so that we can put the middleware aside once and
for all.
I agree completely
Anders Rundgren wrote:
You didn't hear my presentation at FOSDEM 2012 but it was about
creating a token with a standard API so that you would as a
customer be able to just plug it in.
This is an advantage of USB P11. In Windows 8 and later there doesn't
even have to be a driver installed,
21 matches
Mail list logo