Eugen Leitl <[EMAIL PROTECTED]> writes: >I have no smart card background, unfortunately. I've heard G&D ignores >requests from open source developer people, though.
Yup. It's standard banking-industry stuff, unless you're a large bank/government/whatever and are prepared to sign over your firstborn and swear eternal secrecy, they won't talk to you. >Are keywords like STARCOS SPK2.3 (Philips P8WE5032 chip), ITSEC E4 >certification (with StarCert v 2.2.) etc. associated with a good security >track? They're associated with good buzzword-compliance. Since it's impossible to get any technical details out of them, it's rather hard to say. If you've got something like a PKCS #11 driver off them then you should be OK, but if you want to do any low-level work with the card yourself, find another vendor. >Features Nothing you can't get from a pile of other vendors who will actually talk to you. Unless you've got some business reason to deal with them, I wouldn't bother (I have nothing against them per se, they just do business in a way that isn't useful to me... and I'm sure they think the same of me). Peter.
