Menu
▾
▴
[Opensc-devel] Removing old card drivers from OpenSC
|
From: Frank M. <fra...@gm...> - 2017-10-18 10:08:44
|
Many of the internal card drivers have not been updated in years (card-*.c and their pkcs15-*.c counterpart). Although they may have gotten touched due to general security fixes, these changes are mostly untested with these card drivers. Most likely these cards are not in use anymore. To reduce the overall attack surface, I am planning to remove the old card drivers first by disabling them in the default configuration and later by removing them from the default compilation process. The rationale when and how to remove a card driver is given in the wiki: https://github.com/OpenSC/OpenSC/wiki/Removal-of-Old-Card-Drivers. Progress about the implementation is tracked on Github: https://github.com/OpenSC/OpenSC/projects/2 A first implementation is available as pull request: https://github.com/OpenSC/OpenSC/pull/1175 What I like to know, is wether you think the time scales are chosen approprietly. Of course, if you think some driver needs to stay in the default configuration or the default binaries, please update the wiki page indicating that it is still used (and ideally, add a link as prove). Thanks for your feedback! Regards, Frank. |
