Ludovic, there are actually solutions deployed that performs secure PIN management based on the pcsc-lite framework right now.
Readers with secure PIN entry have been common in Germany for a number of years now, mainly used for money transactions in the German HBCI standard. Most solutions in the Wintel world use CT-API and therefore naturally use CT-BCS for secure pin entry. We're developers of MacGiro, an HBCI client on MacOS. On MacOS X we use MacOS SmartcardServices aka pcsc-lite for handling cards, so we had the problem to move existing secure PIN handling functionality to pcsc-lite. It turned out that German manufacturers of card readers had already done so for their Linux PC/SC drivers. For better or worse, what's being done is to just use SCardTransmit. And then let the IFD-Handler filter out the CT-BCS commands and handle these with the reader. This is certainly an arguable design decision. But, as there have been drivers deployed before using this scheme, we have decided to do the same thing in MacGiro. Currently, the cyberJack pinpad by Reiner SCT has a pcsc-lite driver for MacOS X that works together with MacGiro in this way. The most unsatisfactory part is that there is no sanctioned way for the application to determine if a given reader is secure PIN capable. We can currently only determine this by holding a list of reader names, which really cries out for a better solution. We would therefore applaud an extension of capability management for this purpose. Best Regards, Eric Walter med-i-bit GmbH >Hello, > >I would like to introduce the ability to perform a "secure PIN >management" in my CCID driver (and also in pcsc-lite). ... -- _____________________________________________________________________ mailto:[EMAIL PROTECTED] http://www.med-i-bit.de _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle
