On 23.03.2006, at 1:51, Shawn Willden wrote:

That leads to either requiring the user to enter their PIN many, many times, or to implementing some mechanism to cache the PIN (perhaps even across a set of applications if the user has many apps that use the card) so that it can be silently resubmitted to the card. Neither is very good, and the first is bad for both usability and security.


This depends on the card (ok, applet) and how you use transactions. If your card can 'open' a key for usage until the card is reset, and you do NOT reset the card with SCardBegin/EndTransaction, you're safe. If you reset the card at the end of the transaction, you have to enter your PIN again.

This is true for the Estonian eID card and opensc+pinpad readers, for example. One can experiment with the PCSC connection settings in opensc.conf and see what happens with different reset/lock schemes.

m.
--
Martin Paljak / [EMAIL PROTECTED]
martin.paljak.pri.ee / ideelabor.ee
+372 515 64 95


_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
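
The behaviour described in the reply above, as an added example that is not part of the original mail or of OpenSC: a constructed model of a card whose key stays open until a reset, run with both end-of-transaction dispositions. All names (`struct card`, `pin_prompts`, `MODEL_*`) and the sample PIN are hypothetical; no PC/SC call is made.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not PC/SC code. The two dispositions mirror
 * SCARD_LEAVE_CARD and SCARD_RESET_CARD at the end of a transaction. */
enum disposition { MODEL_LEAVE_CARD, MODEL_RESET_CARD };

struct card { bool key_open; };          /* volatile security status */
static const char CARD_PIN[] = "1234";   /* constructed sample PIN */

static bool card_verify(struct card *c, const char *pin) {
    c->key_open = (strcmp(pin, CARD_PIN) == 0);
    return c->key_open;
}

/* Signing succeeds only while the key is open. */
static bool card_sign(const struct card *c) { return c->key_open; }

/* A reset clears the security status; leaving the card keeps it. */
static void end_transaction(struct card *c, enum disposition d) {
    if (d == MODEL_RESET_CARD) c->key_open = false;
}

/* Run n signing transactions; return how often the PIN had to be entered. */
int pin_prompts(int n, enum disposition d) {
    struct card c = { false };
    int prompts = 0;
    for (int i = 0; i < n; i++) {
        if (!card_sign(&c)) {            /* key closed: PIN needed first */
            prompts++;
            if (!card_verify(&c, CARD_PIN) || !card_sign(&c)) return -1;
        }
        end_transaction(&c, d);
    }
    return prompts;
}

/* Is the key still open for the next transaction on this card? */
bool key_open_after(enum disposition d) {
    struct card c = { false };
    card_verify(&c, CARD_PIN);
    end_transaction(&c, d);
    return card_sign(&c);
}

int main(void) {
    printf("leave: %d PIN prompts, reset: %d PIN prompts\n",
           pin_prompts(5, MODEL_LEAVE_CARD), pin_prompts(5, MODEL_RESET_CARD));
    return 0;
}
```

In the leave case the key remains open for whatever transaction comes next on that card, which is the trade-off behind the reset/lock settings mentioned in the reply.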
