Ludovic Rousseau wrote:
>
>
> I don't think using RPC is a good idea.
> You use a smartcard to provide security in a unsecure environment.
> I don't want to send my PIN code in clear over RPC. You need to have
> authentication, integrity and confidentiality of your networks
> communications.
> You could use 'secure RPC' but it will be hard to find implementations
> of it outside SUN.
>
> If you send your PIN code in clear over the network why not just use
> telnet ? :-(
>
> I want a secure channel between my smartcard and the program sending
> commands to it.
>
Yes, I agree. I also don't want some untrusted program (even if the
server is authenticated) sending arbitrary commands to the smart card
and, for example, grabbing the PIN and signing/decrypting anything it
wants.
For accessing remote computers (which the original query was about)
something like ssh or secure telnet using smart card based keys
for authentication would be more appropriate.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************
