Hello,
I so some work on the MuscleCard project (http://www.musclecard.com/). Today I have enriched the MuscleCardPlugin and the PKCS#11 module to do the PIN verification at the PIN pad if the card terminal has one. (This works with readers, which support the CT-BCS standard, at least the Kobil Kaan professional can do it.)
For this I have set a flag in P11_State.slot[i].token_info.flags (The flags attribute in the CK_TOKEN_INFO structure) to CKF_PROTECTED_AUTHENTICATION_PATH. This means, that the verification is done with some better method. (PIN pad, fingerprint, retinal scan, ...) In the PKCS #11 v2.20 specification, e.g. at page 121 in the C_Login, the behavior is described. So I would expect, that an application, which works with some implementation of PKCS#11 should honor this. But, when I have to enter a PIN, I get a dialogue on the screen, which wants to know my PIN instead of displaying a dialogue which prompts to enter the PIN via this protected authentication path (e.g. "Verify your identity at your card terminal.").
Is Mozilla able to display such a dialogue? Could it be improved?
Bye, Karsten _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
