Re: Prevent "proxyfying" PKCS#11

2015-09-25 Thread Erwann Abalea
Le vendredi 25 septembre 2015 14:39:04 UTC+2, helpcrypto helpcrypto a écrit : > On Fri, Sep 25, 2015 at 11:52 AM, Erwann Abalea wrote: [...] > Although it won't solve my problem, this will make possible to kill > signature applets forever, which indeed it's my real objective.

Re: Prevent "proxyfying" PKCS#11

2015-09-25 Thread Julien Pierre
Erwann, What are the replacement plug-in API mechanisms following the deprecation of NPAPI ? Can't they be used to write another Java plug-in ? I certainly need Java in the browser, for other reasons (running a scanner applet to use with my bank). Julien On 9/25/2015 09:13, Erwann Abalea

Prevent "proxyfying" PKCS#11

2015-09-25 Thread helpcrypto helpcrypto
Hi all I hope you can find a solution for my problem, cause I can't. (And perhaps it's impossible) Based on my knowledge of PKCS#11 standard, the spec is exposed to a MITM attack that steals the PIN when an application invokes C_Login against a PK#11 library. While using CryptoAPI it's the

Re: Prevent "proxyfying" PKCS#11

2015-09-25 Thread helpcrypto helpcrypto
On Fri, Sep 25, 2015 at 11:52 AM, Erwann Abalea wrote: > Bonjour, > > Le vendredi 25 septembre 2015 10:36:53 UTC+2, helpcrypto helpcrypto a > écrit : > > I hope you can find a solution for my problem, cause I can't. (And > perhaps > > it's impossible) > > > > Based on my

Re: [Opensc-devel] Prevent "proxyfying" PKCS#11

2015-09-25 Thread helpcrypto helpcrypto
On Fri, Sep 25, 2015 at 11:21 AM, Dirk-Willem van Gulik < di...@webweaving.org> wrote: > On 25 Sep 2015, at 10:36, helpcrypto helpcrypto > wrote: > > > I hope you can find a solution for my problem, cause I can't. (And > perhaps it's impossible) > > > Based on my knowledge

Re: [Opensc-devel] Prevent "proxyfying" PKCS#11

2015-09-25 Thread helpcrypto helpcrypto
On Fri, Sep 25, 2015 at 11:15 AM, Andreas Schwier < andreas.schwier...@cardcontact.de> wrote: > Hi, > > you mention a common problem with PIN authentication and smart cards: To > keep the PIN protected on the path between the PIN entry and chip must > be protected. > > There are two alternatives:

Re: Prevent "proxyfying" PKCS#11

2015-09-25 Thread Erwann Abalea
Bonjour, Le vendredi 25 septembre 2015 10:36:53 UTC+2, helpcrypto helpcrypto a écrit : > I hope you can find a solution for my problem, cause I can't. (And perhaps > it's impossible) > > Based on my knowledge of PKCS#11 standard, the spec is exposed to a MITM > attack that steals the PIN when an