Hello,
On 28/09/06, Peter Stuge <[EMAIL PROTECTED]> wrote:
On Wed, Sep 27, 2006 at 11:34:36PM +0200, Andreas Jellinghaus wrote:
> mandriva has a patch for pkcs15-crypt so it can accept pins from
> stdin.
>
> could someone please review this patch?
> maybe it is a nice addition we want to integrate?
Dunno.. We don't want people to think it's ok (secure) to enter pins
that way..
Is it _less_ secure than giving the PIN as an argument on the command line?
Do you prefer "pkcs15-crypt --pin 1234" as it is now or "pkcs15-crypt
--pin -" and enter the PIN in stdin as proposed by Mandriva?
I don't see any regression of the security level in the proposed
patch. On the contrary it may improve the security level.
Regards,
--
Dr. Ludovic Rousseau
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
