Hi,
I try to answer below:
Been trying out the IDAlly tool chain, again, for on our own - and
- the IBM JCP21. I've started with the given cases, for the ID21.
(a) are the transport code (required for personalization) different
for each profile?
Nope, by default it is: Muscle00, if you load the applet manually.
If you use ID Ally and it's Profile Manager to load the applet, it
will change the default
transport code to: 00000000
(b) whats the transport code for the MUSCLEII applet, built for the
JCOP21?
Same as above
(c) the screens provide an option to select "current admin pin",
during Tools->Personalization. Is this the transport code, for
persononalization purposes? Or, the current value of pin#0? which
is stored from session to session, on the PC?
The current admin pin by default (if you use the Profile Manager to
load the applet) is 00000000. If you load the applet manually, you
might uncheck that and substitute: Muscle00
(d) does IDAlly (or any of its DLL providers) directly load
windscard.dll from a particular path, or is normal Win32 logic
applied (i.e. the winscard.dll in the app's directory is used, if
present)?
No, Winscard.dll is used from SYSTEM32 path.
(e) is the password manager documented anywhere? e.g. is the object
on the token encrypted? if so by who? and who stores/manages the
file confidentiality keys?
Good question. Currently the passwords are protected by pin, but not
encrypted. The code for encrypting them is already there, but we had
not decided what key management mechanism we wanted to use. Perhaps
it might be to use a symmetric key on-card. For now, it is protected
by PIN to avoid unlawful read ....
Thanks,
Dave
Peter.
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
