The most fascinating thing about the presentation is the DELIBERATE USE of SSL 
v2, post 2001.
 
http://www.smartcard.gov/information/dixon/sld022.htm
 
Now the (security) rationale for that is worth finding out.



> From: [EMAIL PROTECTED]
> To: [email protected]
> Subject: Re: [Muscle] Re: Firefox, DoD CAC, and Omnikey Cardman 4000
> Date: Tue, 24 Apr 2007 20:36:26 -0600
> CC: [EMAIL PROTECTED]
>
> On Tuesday 24 April 2007 02:28:21 pm Timothy J. Miller wrote:
> > This is only true if you're leaving the card in the reader. I would say
> > don't do that; the card should only be inserted when the card is needed
> > for an operation, limiting the window during which malicious code can
> > piggyback an authenticated card session (or start its own).
>
> Also keep in mind that pcscd accepts connections to the reader from any
> process on the machine. If there are any other users on your machine (using
> their own accounts), and the application doesn't open the card in exclusive
> mode and keep it open until you remove the card, then those other users can
> also use your card after you've authenticated to it.
>
> To be safe, don't use a card with important private keys on a multi-user
> machine. Either that or be very sure that your applications grab the card
> and never let go once you've presented the PIN.
>
> Shawn.
> _______________________________________________
> Muscle mailing list
> [email protected]
> http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
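
The share-mode behaviour described in the quoted mail, as an added example that is not part of the original thread or of pcsc-lite: a small in-memory model of a reader that any local uid can connect to. The class and function names, the uids and the PIN are constructed, and the reset-on-disconnect case goes beyond what the mail says, on the assumption that a card reset clears the PIN state.

```python
# In-memory model of PC/SC share modes; constructed, does not talk to pcscd.
SHARED, EXCLUSIVE = "SCARD_SHARE_SHARED", "SCARD_SHARE_EXCLUSIVE"
LEAVE, RESET = "SCARD_LEAVE_CARD", "SCARD_RESET_CARD"

class SharingViolation(Exception):
    pass  # stands in for SCARD_E_SHARING_VIOLATION

class ModelReader:
    def __init__(self, pin):
        self._pin = pin
        self.pin_verified = False  # auth state lives on the card, not the handle
        self.handles = {}          # handle -> share mode

    def connect(self, uid, mode):
        # As in the mail: any local uid may connect; only share mode arbitrates.
        held = list(self.handles.values())
        if EXCLUSIVE in held or (mode == EXCLUSIVE and held):
            raise SharingViolation(f"uid {uid} refused")
        handle = max(self.handles, default=0) + 1
        self.handles[handle] = mode
        return handle

    def verify_pin(self, handle, pin):
        self.pin_verified = handle in self.handles and pin == self._pin
        return self.pin_verified

    def sign(self, handle):
        # The card checks its own PIN state, not which process is asking.
        return handle in self.handles and self.pin_verified

    def disconnect(self, handle, disposition):
        del self.handles[handle]
        if disposition == RESET:   # assumption: a reset clears the PIN state
            self.pin_verified = False

def attempt(reader, uid):
    # Another local user tries to use the key without knowing the PIN.
    try:
        handle = reader.connect(uid, SHARED)
    except SharingViolation:
        return "sharing-violation"
    result = "signed" if reader.sign(handle) else "pin-required"
    reader.disconnect(handle, LEAVE)
    return result

def scenario(mode, disposition):
    reader = ModelReader(pin="1234")           # constructed PIN
    owner = reader.connect(1000, mode)         # card owner's application
    reader.verify_pin(owner, "1234")
    during = attempt(reader, 1001)             # while the owner holds the card
    reader.disconnect(owner, disposition)
    return during, attempt(reader, 1001)       # and after the owner lets go
```

`scenario(mode, disposition)` returns what the second user gets while the owner's application holds the card and after it disconnects; only exclusive mode combined with a reset (or removing the card) leaves the second user at a PIN prompt both times.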
