Menu
▾
▴
Re: [Opensc-devel] State of stateless support
|
From: Martin V. <mv...@gm...> - 2015-11-13 13:00:02
|
Hello all, On Fri, Nov 13, 2015 at 12:29 PM, Alon Bar-Lev <alo...@gm...> wrote: >David, please stop trying to push p11-kit to people, it is a problem >not a solution. > >PKCS#11 spec clearly state how it should behave in multi-application >environment. >OpenSC's PKCS#11 provider does not comply with this and other >requirements, unless configured to use insecure mode. >[...] I know that simultaneous access works with my commercial drivers, but I always thought that its a hack and the SPEC was designed not multi-application aware. On Fri, Nov 13, 2015 at 1:09 PM, David Woodhouse <dw...@in...> wrote: > I think you are quite right that this should be fixed in OpenSC... but > it's been 7 years now since you documented it, and still it doesn't > seem to be universally understood let alone show any signs of being > fixed. > Maybe it cannot be fixed universally for all cards at once, ok. Why it's such a problem to start with one card? I wrote the starcos3.2 support 5 years ago, then abandoned my work, the driver was lately adopted in opensc (thanks to fancycode) and simultaneous access is still not solved. How could a possible implementation looks like? (for one card, at the beginning) Should it be fixed/hacked/worked around on the pkcs11 layer? Best regards, Martin |
