Hi Karl,
Your service is supposed (I think) to manage cryptographic operations (sign
process, ...) for all cards belonging to an issuer, not only the card
delivered to one person by this issuer; so you must consider a generic
smartcard, not a particular card in which one day you have stored one key.
Using symmetric key, your service can rely on a specific keys/files
organisation and so keep (hard code) the path to a key-pair, but you must
read & cache the public key (or better its certificate) for every new card
inserted.
You suggest storing the CardID of the card with the path, but that CardID
(that ATR) will be the same for different cards (meaning several cards
issued by the same card issuer for the same use).
You can also provide your service to multi-application smartcards that
embed an applet your service is written for; in this case these several
"kinds" of cards will all come with a different ATR.
Sylvain.
At 17:08 27/03/00 +0200, Karl Scheibelhofer wrote:
>Since KeyFile is a reference to a file on a smart card that is to be used
>outside this card, why does it not include the CardID of the card the file
>resides on? I think this is absolutely necessary. E.g. if I generate a
>key-pair on the card I want to refer to this and exactly this key in a later
>session. The path is not enough. Another card could also have a key at the
>same path, but of course it will include another key. I needed this feature,
>so I had to include the ATR of the CardID in my class.
>Is there (a good) reason why not to provide this in the default implementation?
>I can imagine that there are cases where the path is enough, but is it
>enough in general?
>Am I the only one facing this problem?
>
>thanks for comments
>
> Karl Scheibelhofer
>
>--
>
>Karl Scheibelhofer, <mailto:[EMAIL PROTECTED]>
>Institute for Applied Information Processing and Communications (IAIK)
>at Technical University of Graz, Austria, http://www.iaik.at
>Phone: (+43) (316) 873-5540
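
An added example, not part of the original messages and not OpenCard code: it shows two cards that share an ATR and a key path, and a key reference bound to a digest of the cached public key that still tells them apart. `Card`, `KeyRef`, the ATR bytes, the path and the key bytes are all hypothetical, constructed values; Java 16 or later is assumed for records.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;

public class KeyRefDemo {
    // Hypothetical stand-in for an inserted card: its ATR and the public key read at one path.
    record Card(byte[] atr, String keyPath, byte[] publicKey) {}

    // Reference kept outside the card: the path plus a SHA-256 digest of the public key.
    // The ATR is deliberately not part of it, since cards of one issuer share it.
    record KeyRef(String keyPath, String pubKeyDigest) {
        // Called once, when the card is first inserted and its public key is read and cached.
        static KeyRef bind(Card c) {
            return new KeyRef(c.keyPath(), digest(c.publicKey()));
        }

        // Called in a later session to check that the inserted card holds "exactly this key".
        boolean matches(Card c) {
            return keyPath.equals(c.keyPath()) && pubKeyDigest.equals(digest(c.publicKey()));
        }
    }

    static String digest(byte[] data) {
        try {
            byte[] d = MessageDigest.getInstance("SHA-256").digest(data);
            return Base64.getEncoder().encodeToString(d);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e); // SHA-256 is required on every Java platform
        }
    }

    public static void main(String[] args) {
        byte[] atr = {0x3B, 0x00};   // constructed ATR, identical on both cards
        String path = ":3F00:0012";  // constructed key path, identical on both cards
        Card cardA = new Card(atr, path, "public key of card A".getBytes(StandardCharsets.UTF_8));
        Card cardB = new Card(atr, path, "public key of card B".getBytes(StandardCharsets.UTF_8));

        KeyRef ref = KeyRef.bind(cardA);
        boolean sameAtrAndPath = Arrays.equals(cardA.atr(), cardB.atr())
                && cardA.keyPath().equals(cardB.keyPath());

        System.out.println("ATR and path identical: " + sameAtrAndPath);
        System.out.println("reference matches card A: " + ref.matches(cardA));
        System.out.println("reference matches card B: " + ref.matches(cardB));
    }
}
```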