Martin Paljak wrote: > An introduction on how hardware security devices improve the > situation and how smart cards and tokens are the cheapest and thus > most available key containers.
In my experience this kind of info is not distributed so efficiently in a booth. I am not arguing against a booth at all - it can be a lot of fun and is a great way to get new people interested in the project! But for something like the above a presentation is unbeatable, especially if it gets recorded and published online somewhere. > As more and more people have eID cards and there are both services > (online) and applications (ssh) that can make use of them, eID is > important as well. I guess we need to verify the list of actuallly > supported eID cards to sound credible with the supported hardware > list. I think this is a really important point, and this is the way that "everyone" can get into OpenSC. But if getting "everyone" into OpenSC then it's also critical to demonstrate that it can actually work and talk about what pitfalls to avoid. > What would be the ideas for the booth? I think any booth should demo state of the art technology, with at minimum one killer feature, but prefereably several. A killer feature is something that every visitor who stops by the booth will understand and appreciate. So; what I would love to see in a booth is a system with graphical smart-card login, bonus points for text-mode login, lock on card removal, intelligent card insertion while locked (same card vs. different card inserted), same card can unlock with PIN, different card politely explains that the system remains locked. Maybe (big maybe) a security officer card which can *also* unlock the screen and take over the session. Also, web authentication using the card. Maybe two cards with different profiles/ACL, one allowing direct access to the web site since the user is already logged-in to the system via card. Another maybe requiring authentication for every use of the card. Form/document signing and signature verification would also be nice. PGP key signing is always a big thing at FOSDEM, any way to overlap with GnuPG and maybe the OpenPGP card would be good. FSFE are present there, and all FSF Fellows have a card. It should be usable in the OpenSC booth. A killer feature would indeed be if people can user their *own* cards in the demo system(s) in the booth, without any setup required. This of course requires some preparation, to recognize the issuers. Maybe it's only feasible to prepare this for one single issuer, then I'd suggest to make that the one used for the FSF(E?) fellows' cards. Email signing of course, ideally not only with a local app, but also a web email app, though that may be complicated. SSH and VPN using card. It would be nice to show readers both with and without pinpad, and talk about the differences. This was my brainstorming. :) I would be happy to see any one of these things demoed in an OpenSC booth, but of course it would be amazing to show all of them! I was at FOSDEM last year and had a great time. It was really difficult to manage to spend time with everyone I would have liked to, while at the event. The evenings are also important to plan a little. We had a coreboot devroom last year and a couple of coreboot people went for dinner and drinks; one of the few times a couple of developers have managed to actually meet. Pretty much every project will do it too and I think it's important to announce it so that noone misses out on it that would have liked to join. :) Bring cab money or good walking shoes; public transport stopped at 1am. :( //Peter _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
