Shawn Willden wrote:
> On Wednesday 22 March 2006 16:21, David Corcoran wrote:
>
>>The SCardBeginTransaction and SCardEndTransaction functions are meant
>>to be used to temporarily lock the card from access by other processes.
>>A properly implemented application would:
>>
>>SCardBeginTransaction
>>{
>> Verify the PIN
>> Do anything that requires the PIN
>> Logout (optional)
>>}
>
>
> That leads to either requiring the user to enter their PIN many, many times,
Why? You lock the card through the whole cryptographic operation. Not
between single operations. The PIN must be entered e.g. for signing an
email only once. This is OK.
> or to implementing some mechanism to cache the PIN (perhaps even across a set
> of applications if the user has many apps that use the card) so that it can
> be silently resubmitted to the card. Neither is very good, and the first is
> bad for both usability and security.
Except from this, this should not be the job of PCSC. The usual approach
like for other communication protocols (e.g. the WWW) is to establish a
secure connection. It may be possible to take over Internet connections
from the same computer if these connection is not secured. But to
prevent this e.g. SSL is used. Smart cards should offer also a mechanism
for secure messaging and the most card implementations do.
>
> The SCARD_SCOPE_USER param seems to be useless on both Windows and pcsc-lite
> platforms. What do you think about using it to implement per-user access
> controls?
It is used in Windows. It is not useless. If many readers are attached
to a system only the readers are listed which are in the scope of the
user; readers he can access.
Karsten
> That way multiple processes could use the card, they could use
> transactions as they were intended -- to prevent card contention, not as a
> security mechanism -- and an application that used the option could be
> certain that no other user was using the card.
>
> I'm hacking a proof of concept together,
>
> Shawn
> _______________________________________________
> Muscle mailing list
> [email protected]
> http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
