See embedded comments below. More generally, is this not very active OCF list the only one you are using? Why not float your idea on the MUSCLE list run by David Corcoran [EMAIL PROTECTED] (Movement for the Use of Smart Cards in a Linux Environment) Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle
Peter ----- Original Message ----- From: "Bernhard Fastenrath" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, March 19, 2004 1:01 PM Subject: [OCF] proposal: JSR to add input devices to JavaCard > On Friday, March 19, 2004, at 01:34PM, Peter Tomlinson <[EMAIL PROTECTED]> wrote: > > >Bernhard, > > > >Direct input of PIN to the Javacard? How? PIN pad actually on the card? > >Biometric sensor on the card? Or secure extensions to card readers to allow > >input? I just do not understand the architecture of what you are trying to > >do. > > A biometric sensor on the card is not in the range of this specification > as I don't know anything about Biometric sensors for smart cards. > But it could be added, of course. Biometric sensors (very thin silicon) have been demonstrated on smart cards, as have keypads - but they don't conveniently fit on there, as we like to push the smart card a long way into the reader. Thus your idea (below) of the different physical format is good in principle. > > The idea is to create a specification for a security token that may support > CLC and offers some kind of input device on the token itself. > Trusting a card reader always means your're expecting the card reader to be > tamper proof. I don't think that's a good idea. The secure input device > should be on the token you're carrying with you. Well, the FINREAD, etc, ideas are related to work that is delivering very secure devices. > > Imagine a combination lock on a USB stick, for example. That's a very > straightforward and convenient form to enter a PIN everybody understands > from using mechanical combination locks. It should be inexpensive to build > something like that into a USB stick. > The USB stick could have to caps: A covered combination lock on one side, > the USB connector on the other side. Here you have to rely on the USB stick housing being tamper proof - exactly the same problem as with tamper proof card readers. Again, the advantage is with the form factor of your USB stick. I have recently seen advertised a USB stick with a biometric sensor (fingerprint) incorporated, so the right kind of configuration is alaready attractive to vendors, but I don't know if it is selling. > > --- > Visit the OpenCard web site at http://www.opencard.org/ for more > information on OpenCard---binaries, source code, documents. > This list is being archived at http://www.opencard.org/archive/opencard/ ! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email ! to ! [EMAIL PROTECTED] ! containing the word ! unsubscribe ! in the body.
