Perhaps someone can correct my (recent) understanding of the functions of
the external authentication support in the muscle cardedge.
(1) assume the muscle applet is placed on a GP card during manufacturing,
prioir to setting the GP state to operational
(2) assume that the card issuer domain keysets are loaded onto the card
during per-personalization, using a key Kinit, preloaded into the JVM
binary.
(2) assume, for an operational state card, that the security officer role
requires GP authentication, to logon to the card, using a card issuer
domain keyset. Assume the muscle applet policy requires GP security channel
at SCP 01 level 3 service level, in order to perform post-personalization
commands such as populating root certificate stores
(3) assume that applet security manager (ASM) is a FIPS 140-1 role distinct
from SO, and user.
(4) assume that users logon to cards using pins, to satisfy user
identification.
(5) assume that ASM role parties logon to the applet using the MUSCLE
getChallenge, and MUSCLE external authenticate.
(6) assume that certain muscle acls require (5), whose logon establishes
the "strong authentication" privilege set for that logical channel
(7) assume that the signing algorithm used in (6) external authentication
is DES3-MAC, referencing a MUSCLE DES3 key, in one or other muscle
instance's keystore
(8) assume that GP VOP 2.0.1 keks (over an VOP SCP 01 secure channel) have
previously been used to deploy the DES3-MAC signature verification key,
used in (7)
Have I got the intended usage model right for the various roles, and
different uses of the different authentication services?
Are there any other roles vs key usage models I'm missing, for the applet
security policy?
For example, should any offcard application be required to use a DES3-MAC
key, to externally authenticate, in order to perform ANY operation - such
as populate user certs?
Peter.
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
- [Muscle] muscle getChallenge, versus GP 2 way authentic... Peter Williams
- [Muscle] Java API(s) to access smartcards Michael Bender
- Re: [Muscle] Java API(s) to access smartcards Serge Koganovitsch
- Re: [Muscle] Java API(s) to access smartca... Michael Bender
- Re: [Muscle] Java API(s) to access sma... Serge Koganovitsch
- Re: [Muscle] Java API(s) to acces... Michael Bender
- Re: [Muscle] Java API(s) to access smartca... Peter Williams
- Re: [Muscle] muscle getChallenge, versus GP 2 way ... Karsten Ohme
- Re: [Muscle] muscle getChallenge, versus GP 2 ... Peter Williams
- Re: [Muscle] muscle getChallenge, versus GP 2 way ... Peter Williams
- Re: [Muscle] muscle getChallenge, versus GP 2 way ... Peter Williams
