From: Douglas E. E. <dee...@an...> - 2013-08-19 18:21:07
On 8/17/2013 12:10 AM, Anders Rundgren wrote:
> When I look into the OpenSC mailing list I wonder if something isn't fundamentally broken.
>
> In the end (after provisioning) all smart PKI cards do more or less the same thing;
> That is, perform a pretty well standardized RSA or EC operation.
>
> Wouldn't it be a better use of resources defining a standard PKI card where the operating system
> vendors provide the *single* driver instead of relying on installation of third-party SW?

This is the same old situation the industry has always had... Vendors have always controlled the market. But more recently governments have started setting the standards, and at least one OS vendor, Microsoft, has defined its own standards. Microsoft supports at least the U.S. gov PIV standard and its .NET card standard. In both cases, the user is not expected to issue cards; a government or enterprise is expected to provision the cards.

>
> With automatic updates (of OS and Token), you wouldn't be stuck with a specific design either.
> The static structure of current PKI-tokens is extremely counter-productive. There are no security
> issues doing firmware updates on-the-fly; it just requires a bit more memory in order to be robust.
>
> Naturally this wouldn't stop anybody from continuing creating "unique" cards but
> a guess is that these cards would only attract a fraction of the market.

And that is where OpenSC comes in, supporting these unique cards on non-Windows platforms, which is a tiny fraction of the market.

>
> Anders
>

--
Douglas E. Engert <DEE...@an...>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444