Nicholas Roussos wrote:
> Hi everyone, > > I was wondering how many of you out there use OpenCA seriously in a real > company setting, and if you actually implemented your PKI with token > support (e.g. smartcards). It would be very interesting if any of you > that did something like this could share your experience with the list. > > How difficult was it to integrate smartcard support? What was needed? > What equipment? Are you satisfied with the results? Was it easily > adopted by your users? > > Could you provide any useful links where someone could get started? > > Thanks a lot. > > Nicholas The use of smartcard tokens can be more a function of TRSM / crypto hardware management. Management of devices like those available from nCipher use smartcards. Procedural, physical and audit controls (supported by automated controls wherever possible) require the use of smartcards and dual access to maintain the integrity of the hierarchy of trust. If the point is to use smartcards for purposes of identification and authentication, then the support is more smartcard vendor-based and / or integrated into the browser or secured application. A CA is just a tool used to issue the credentials used in the authentication. In this scenario, smartcards are "personalized" on a separate computer (usually some kind of Windows-based platform and NT application). We are using PIRMA (Private Isolated Root - Mutual Authentication SSL) with smartcards integrated into the browser of the entity accessing the server. It works just fine. B ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
