Definitely. The interface exported must be a subset of the available functionality or else someone could write a worm which does a Verify Key function incorrectly and blocks cards where services are available. A signature function must be carefully exported and authenticated to so it does not perform signature operations for undesired applications. Currently this is protected by a PIN number so secure PIN transfer is a must. Also, blocking the PIN is a concern.... Dave *************************************************************** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***************************************************************
- Re: MUSCLE Linux Login with RSA SmartCards Carlos Prados
- Re: MUSCLE Linux Login with RSA SmartCards m . sagi
- Re: MUSCLE Linux Login with RSA SmartCards Carlos Prados
- Re: MUSCLE Linux Login with RSA SmartCards David Corcoran
- Re: MUSCLE Linux Login with RSA SmartCar... Ludovic Rousseau
- Re: MUSCLE Linux Login with RSA Sma... Erwann ABALEA
- Re: MUSCLE Linux Login with RSA Sma... Dr S N Henson
- Re: MUSCLE Linux Login with RSA... Jeremy Impson
- Re: MUSCLE Linux Login with RSA... David Corcoran
- Re: MUSCLE Linux Login with RSA... Dr S N Henson
- Re: MUSCLE Linux Login with RSA... David Corcoran
- Re: MUSCLE Linux Login with RSA... Carlos Prados
- Re: MUSCLE Linux Login with RSA... Dr S N Henson
- Re: MUSCLE Linux Login with RSA... Erwann ABALEA
- Re: MUSCLE Linux Login with RSA... Erwann ABALEA
- Re: MUSCLE Linux Login with RSA SmartCards Jim Rees
- Re: MUSCLE Linux Login with RSA SmartCards Carlos Prados