On Wednesday 22 March 2006 16:21, David Corcoran wrote:
> The SCardBeginTransaction and SCardEndTransaction functions are meant
> to be used to temporarily lock the card from access by other processes.
> A properly implemented application would:
>
> SCardBeginTransaction
> {
> Verify the PIN
> Do anything that requires the PIN
> Logout (optional)
> }
That leads to either requiring the user to enter their PIN many, many times,
or to implementing some mechanism to cache the PIN (perhaps even across a set
of applications if the user has many apps that use the card) so that it can
be silently resubmitted to the card. Neither is very good, and the first is
bad for both usability and security.
The SCARD_SCOPE_USER param seems to be useless on both Windows and pcsc-lite
platforms. What do you think about using it to implement per-user access
controls? That way multiple processes could use the card, they could use
transactions as they were intended -- to prevent card contention, not as a
security mechanism -- and an application that used the option could be
certain that no other user was using the card.
I'm hacking a proof of concept together,
Shawn
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
