On Thursday 15 February 2007 7:14 am, Douglas E. Engert wrote: > Yes propriety vendor solutions are a major problem. Have a look at the > PIV card comments at: > http://www.opensc-project.org/opensc/wiki/UnitedStatesPIV > > The intent is to standardize on multiple vendors for cards, > multiple vendor's for readers, and multiple vendors for middle ware. > Thus avoiding the proprietary problems with a single vendor. > The components that have passed the interoperability testing > are on the list at: > http://fips201ep.cio.gov/apl.php > > But all this standardization is limiting. With PIV there is a predefined > set of objects that can be on the card, and it is meant to be read only > for the end user. Administration of the card is left up to the card > vendor's to work with the administration software vendor's.
Hmm, very interesting. And is this standardization based on existing standards? E.g., the government simply forcing vendors to use ISO 7816 and PCKS#15, or ... ? > Sorry for being so long winded about a specific class of smart cards, > but PIV addresses a lot of the concerns you have with the smart card > industry, but based on your company's web site, may not apply > to you. Long winded can be good. :) And Affinix for game development certainly does not apply. :) However, the Delta XMPP Project is related: http://delta.affinix.com/ We use PKCS#11, and so we're far abstracted from the gory details of this thread. However, as a simple user of crypto tokens, I've found the interoperability situation lacking. I ask these questions as an enthusiast. :) -Justin _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
