using a smartcard to create an EAP token, that does a remote logon to a windows
host is pretty stable in XP.
It was the RDP case (with a MSFT XP RDP Client, using MSFT PC/SC client side,
and client-side CCID reader device) that is still confounding me. Im hoping it
got solved in vista.
----------
On another topic, I need some vocabulary help.
We need to learn to distinguish "FIPS 201" _approval_ of a "Cryptographic
Module"
>From HSPD-12 _compliance_ of an "HSM", bearing a cryptographic module.
I assume the design of the cryptoboundary of the crptographic module is FIPS
140-2 "certified" and the device can still be operationally in either "FIPS
mode", or not.
One assume FIPS 201 approval tested the CM when it was operating in FIPS mode.
But, is the absence of non-FIPS mode NECESSARY for FIPS 201 approval?
With HSPD covering HSM, and 201 covering CMs, and 1401-2 encompassing both
boundaries, this is a linguistic mess.
----------
SafeNet K3 card for Luna HSMs receives FIPS 201 approval for cryptographic
modules
Certification makes Luna HSMs first to become HSPD-12 compliant
October 19, 2006 – SafeNet, Inc., has announced that the company’s K3 card has
received Federal Information Processing Standard (FIPS) 201 certification for
cryptographic modules. The K3 card, a component in SafeNet’s Luna Hardware
Security Modules (HSMs), is the first cryptographic module certified for FIPS
201, making it the first HSM to be certified Homeland Security Presidential
Directive-12 (HSPD-12) compliant. HSPD-12 is an executive mandate requiring
that all federal employees and contractors use a smartcard
> Date: Mon, 4 Dec 2006 14:17:41 -0600> From: [EMAIL PROTECTED]> To:
> [email protected]> Subject: Re: [Muscle] No padding with CCID
> pinpad readers?> > > > Peter Williams wrote:> > not responding to the query,
> but speaking of CCID given the vista release...> > > > anyone know if the
> CCID reader attached to the host machine of the _client's_ remote desktop
> session (the RDP5 protocol) can now be attached to the remote process?> > > >
> This scenario was possible for XP, when the reader was serial but not
> CCID/USB.> > Maybe I did not understand your configuration, but I have used
> as CCID/USB reader at home to> login to a computer at work and have used a
> PCMCIA reader in a laptop to login to a computer> at work. All XP pro.> > > >
> > > > The fun part of this, for PCSC dev., is that one has to decide how the
> "two" host controller state machines collaborate, given either could demand
> exclusive control on behalf of its particular API consumer.> > > > > > > > >
> >>From: [EMAIL PROTECTED]> To: [email protected]> Date: Mon, 4 Dec
> 2006 17:23:14 +0100> Subject: [Muscle] No padding with CCID pinpad readers?>
> > Hi,> > we have a card that uses unpadded pin buffers> (e.g. 00 22 00 02 04
> 31 32 33 34 for a verify PIN)> > Looking at the CCID specs, could it be true
> that> there's no support for this?> > (Sorry if asked before...)> > Thanks,>
> Stef> _______________________________________________> Muscle mailing list>
> [email protected]>
> http://lists.drizzle.com/mailman/listinfo/muscle> > > >
> _________________________________________________________________> >
> All-in-one security and maintenance for your PC. Get a free 90-day trial!> >
> http://www.windowsonecare.com/purchase/trial.aspx?sc_cid=wl_wlmail> > > > > >
> ------------------------------------------------------------------------> > >
> > _______________________________________________> > Muscle mailing list> >
> [email protected]> >
> http://lists.drizzle.com/mailman/listinfo/muscle> > -- > > Douglas E. Engert
> <[EMAIL PROTECTED]>> Argonne National Laboratory> 9700 South Cass Avenue>
> Argonne, Illinois 60439> (630) 252-5444>
> _______________________________________________> Muscle mailing list>
> [email protected]> http://lists.drizzle.com/mailman/listinfo/muscle
_________________________________________________________________
Express yourself with gadgets on Windows Live Spaces
http://discoverspaces.live.com?source=hmtag1&loc=us
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
