Andreas Jellinghaus wrote: > Am Dienstag 02 Februar 2010 14:04:57 schrieb Viktor TARASOV: > >> I guess not only consolidation -- one day 'pkcs15', 'pkcs15init' and >> 'pkcs11' frameworks in OpenSC should be really 'multi-application'. >> 'Sc_pkcs15_bind' should accept the AID of the application; >> 'framework-pkcs15' should make the slots for all pkcs#15 compatible >> applications, etc. >> > > do you have any card that has several "pkcs#15 compatible applications"? >
IAS/ECC [1] This card is designed to be used in the context of electronic administration. It includes (can include) more then 3 applications [2]. From these applications - one is the 'generic' one -- usage and 'init' protected by User PIN; - second is the 'administration-1' -- usage by User PIN, 'init' protected by SM; - third is the 'administration-2' contains non-repudiation key -- usage by User PIN, 'init' protected by SM, qualified signature is protected by SignPIN & SM. PIN unblock can be with multi-PUKs, external authentication, SM, its combination, ... Gemalto, Oberthur and Sagem produce these cards using the same specification. (And in fact, besides the little differences, the cards of different producers are the same. ) > sure, cards could be quite complex with many different "application" > on them etc. but in reality, do people implement that, or is the typical > thing rather one card per application (so each company has its name and > logo and slogan on some piece of plastic in your wallet)? or a simple > authentication card shared by several apps (e.g. different web sites)? > > I remember swisssign putting pkcs#15 structure side by side with > lawfull signature data on a card, and I guess something like this > could happen more often. but several pkcs#15 applications? it is > hard for me to see a use case here. > > Regards, Andreas > > Regards, Viktor. [1] http://references.modernisation.gouv.fr/sites/default/files/FRCommonIASPlatformSpecification101Premium.pdf [2] http://references.modernisation.gouv.fr/sites/default/files/MDWIAS_Profils%20de%20%20personnalisation%20des%20cartes%20IAS%20%20V2_7.pdf -- Viktor Tarasov <[email protected]> _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
