Andreas Jellinghaus wrote:
> On Tuesday 20 April 2010 20:48:07, Douglas E. Engert wrote:
>> Andreas Jellinghaus wrote:
>>> On Tuesday 20 April 2010 07:18:41, Anders Rundgren wrote:
>>>>> The idea is to make it. It should be really straightforward, and
>>>>> useful if the token you want to design is centered around PKCS#11
>>>>> operations.
>>>> Then we are *exactly* on the same page, we need NEW tokens!
>>> why does it have to be a token? why not a modification for the software
>>> of my smart phone?
>> Because your smart phone is becoming your PC, with too many applications
>> and complicated OSes that introduce additional security risks?
> 
> with iphone or windows mobile: I would agree. if they have a sophisticated
> security concept to make the system different from normal PC operating 
> systems, that would be new to me.
> 
> but android looks quite nice, with each application sandboxed and strict
> rules for communication. sure: not perfect, but a nice first step in the
> right direction from my point of view.
> 
> also what good is there, if my pc is hacked, then why use a smart card?
> a hacker could manipulate the pdf I want to sign, so it shows "10$"
> while the one I sign with the card would be "10.000$"...

The smartcard has no independent I/O channel to the user to show the user
what is being signed. (A pin pad reader is part of the "I" in I/O)

The PC or phone has nice I/O and could show the user what is being signed,
but it may have been hacked.

Is there a device somewhere in the middle: trusted by the user, but not
hackable? Maybe Android is it, but I bet it too will become just another
bloated general purpose computer.

I recall there being some smart card with an on-Card display at one time...

> 
> sure with smart cards you can maybe steal a signature, but not the key
> itself. but admitting, that pc + smart card is better than pc + password,
> but not perfect, is a good first step in allowing other solutions too:
> they don't have to be perfect either.
> 
> so my "smart phone" idea is my silly idea for this discussion about 
> alternative concepts. no need for everyone to jump on this wagon.
> but maybe we can discuss everyone else's "silly idea" too, and see
> what architectures could help several people?
> 
> Regards, Andreas
> 
> 

-- 

  Douglas E. Engert  <deeng...@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
