Basic hardware support in Solid would probably be rather trivial but that's not what you're asking for here. This sounds like something that should be integrated into QCA. I have a card reader and card that I could use to do the hardware integration. Chris
2009/2/23 Adriaan de Groot <[email protected]> > Kind of belongs on this list > > > ---------- Forwarded message ---------- > From: Gaetano Andrea Callea <[email protected]> > To: [email protected] > Date: Mon, 23 Feb 2009 21:36:31 +0100 > Subject: KDE 4.x - SOLID - smart card integration > Hi all, > > i have an itch that i can't scratch since i'm not a programmer and learning > would take too long for this to get done; so i want to propose it to you. > > it basically is about including support for Smart Cards and Smart Card > Readers in Solid (at a "lower level" in KDE 4) in order to be able to use > them in every application that could make use of them. > > The first things that come to my mind are about using the Smart Card and > Reader to use and store GPG keys in one and only place instead of spreading > them across many computers and use the Smart Card and Reader in combination > with KGPG (at least for one's own key pair); or use the Smart Card and > Reader to login into the desktop only if it's inserted (so integration with > KDM); or use the Smart Card and Reader to sign emails (so integration with > KGPG and KMail); or use Smart Card and Reader to encrypt a chat (so > integration with Kopete); or use the Smart Card and Reader to sign to/start > remote sessions (so integration with KRDC/KRFB); I'm sure there are many > other possibilities but these are the few i tought of. > > There are at least two smart card compatible with GPG: the FSFE Fellowship > one[0] and this one[1]; and there are a few smart card readers compatible > with Linux that you can either find here[2] or at kernelconcepts[3]. The > only negative thing about these GPG cards is that they are limitedto RSA > 1024 keys and don't support X.509 certificates.[4][5] I hope that one day > they'll produce something more "serious". > > The importance of Smart Cards and Readers nowadays is relevant enough to > start thinking about serious integration in everyday computing. > In many countries a growing number of services based on smart card are > being adopted. For example your bank or national security number or health > system card or electronic signature. Whether we like it or not smart card > are becoming an important part of everyday life. > > About Smart Card login: this should be easily feasible by installing the > right libs and a bit of configuration. Unfortunately I didn't manage to do > it myself but the tools seem to be all there (with pcsc-lite, ccid, pksc#11 > virtually all card will work)[4] and some distro include libpam-poldi[6] > (unfortunately not fedora) to enable login with the GPG (both Fellowship and > OpenPGP) smart card. Apparently at the moment this lib is the only way to > get this working. > > There already is (at least) a bug[7] for a similar issue but it is about > creating a GUI for something of a higer level, but I think it's better to > think different here and make real integration in Solid. As you read before > the tools to make this happen are all virtually here depending on which > standard you card and reader are based on; but at the moment this is not > possible natively on KDE 4 with a graphical interface and/or integrated in > programs such as kgpg, kmail, kdm, kopete, krfb, krdc, etcetera. > > Another thing "we" can think about it's hardware to work on. Everybody > knows that developing for hardware (be it a driver or something like what we > are talking about) without the hardware itself can be difficult to say the > very least. > > Here's what I propose on this matter: KDE could arrange a settlement on > smart card and reader donations or deals either from FSFE Fellowship or > kernelconcepts. This would be a win-win situation both for KDE, Fellowship > and users. > > i hope you like it and that it is feasible. > cheers > > [0] FSFE Fellowship card: http://fellowship.fsfe.org/en/card > [1] OpenPGP card: http://www.g10code.de/p-card.html > [2] GPG Fellwoship card HOWTO: > http://www.gnupg.org/howtos/card-howto/en/ch02s02.html > [3] kernelconcepts: > http://www.kernelconcepts.de/en/shop/products/security.shtml?hardware > [4] some good FAQ: http://www.opensc-project.org/faq.html (scroll down to > Fellowship card limitations) > [5] pdf of gpg card specs: http://g10code.com/docs/openpgp-card-1.1.pdf > [6] libpam-poldi at debian packages: > http://packages.debian.org/sid/libpam-poldi || > http://packages.debian.org/search?keywords=libpam-poldi > [7] bug open for similar but not quite likely issue: > http://bugs.kde.org/show_bug.cgi?id=116201 > > -- > Callea Gaetano Andrea > > > _______________________________________________ > Kde-hardware-devel mailing list > [email protected] > https://mail.kde.org/mailman/listinfo/kde-hardware-devel > >
_______________________________________________ Kde-hardware-devel mailing list [email protected] https://mail.kde.org/mailman/listinfo/kde-hardware-devel
