Menu
▾
▴
Re: [Opensc-devel] SKS/KeyGen2 for Linux
|
From: NdK <ndk...@gm...> - 2013-08-23 11:39:08
|
Il 23/08/2013 10:31, Jean-Michel Pouré - GOOZE ha scritto: > I don't fully understand the notion of security model defined in 2.4 > where "user grants an issuer the right to create keys in the SKS." Your bank asks access to your token. You grant it the right to create keys and from this moment it cak create new keys "on your token" when needed. Then your cloud provider sets up a smart-card access for accounts: you grant him the privilege to create keys on your token like you did for the bank. Obviously the provider won't be able to create/use keys in the "bank area" and viceversa. > Do you mean "we should leave you our laptop, while we are out for lunch, > to keep it safe"? Uh? > Are your really going to elaborate a software around this "obscure" > notion of security? Most security agencies are turning to be more strict > and I doubt that this security scheme can survive a long time. I think it's the only that can support a single store for "unlimited" virtual identities... BYtE, Diego. |
