Thanks, this is what I pretty much feared, from the dearth of available code.
But if smart cards are useful (and I think they certainly are), a common Java api along the lines of opencard is going to be required. I saw that Sun abandoned the javax.card framework when I found that through my scouring. I do find this extremely weird. I've got the Cyberflex SDK with a Java API, but the problem is that this seems very vendor specific (I'm not sure, as there's some strange comment about the SmartCard class being able to talk to any card, so I'll check it out). Thank you so much for your links to the DCSF. This is precisely what I was looking for. I'm strapped in and ready for Mr. Toad's wild ride. I know this is pretty bleeding edge stuff, but I can't see doing any kind of secure software in Java without smart card support. Let me know where to go to help out with this effort. I'm up for an open source project to keep this stuff up to date and to keep it growing. Again, thanks. ----- Original Message ----- From: "Marc Palmer" <[EMAIL PROTECTED]> > Hi. I'm wondering what the status of this project is. The last code > drop was apparently early December, 1999. Also, all the news, etc is > likewise dated. I did note that this mailing list has kept seeing > activity. > So, I was just wondering what's up. Is the code good enough that no > changes have been needed for 2 years? Is there some other API which has > made opencard obsolete? Did everyone just lose interest in interfacing > to smart cards from Java? In part, yes. The card/terminal vendors seem to be quite negative about Java and smartcards (apart from JavaCard on the card itself). They recently proposed that they would disband the OpenCard committee while making the source code freely available. Myself and others are not very happy about this, to say the least! We do not know of any widely used alternative to OCF for writing Java smartcard host applications. You would have thought that this was a strong requirement (for Sun at least) given that JavaCard puts Java on the card itself. Sun abandoned their defunct Java Wallet which was roughly equivalent to OCF I think. Perhaps they will revamp that. OCF 1.2 itself is OK. It works quite well, and there are no major problems except some confusingly mis-assigned "deprecated" warnings on some methods, and a lack of cryptographic and key/certificate management CardService definitions (apart from Signing-related). The architecture can be a bit hard to follow at times given the slightly poor documentation. The CHV mechanism is also a bit clunky if you ask me (cancelling a CHV prompt dialog does not return a null, so you cannot tell between cancellation and a blank pin). However we have a free working project based on OCF (DCSF - http://www.wangjammers.org/smartcards) where we use a custom CHV dialog that returns null when cancel is pressed. > Just wondering. I'm new at all this smart card stuff. Prepare for a roller-coaster ride :-) We have a few links to resources on our site. Http://www.wangjammers.org/smartcards/links.html Regards, Marc ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ W ~~~~~ (o) Wangjammer5 (Marc Palmer) ( ) Wangjammer7 www.wangjammers.org = Java Consultants (Web|Smartcards|Crypto) --- > Visit the OpenCard web site at http://www.opencard.org/ for more > information on OpenCard---binaries, source code, documents. > This list is being archived at http://www.opencard.org/archive/opencard/ ! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email ! to ! [EMAIL PROTECTED] ! containing the word ! unsubscribe ! in the body. --- > Visit the OpenCard web site at http://www.opencard.org/ for more > information on OpenCard---binaries, source code, documents. > This list is being archived at http://www.opencard.org/archive/opencard/ ! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email ! to ! [EMAIL PROTECTED] ! containing the word ! unsubscribe ! in the body.
