On 14.01.2011 13:37, Andre Zepezauer wrote: > On Fri, 2011-01-14 at 10:20 +0100, Viktor TARASOV wrote: >> Hello Andre, >> >> On 14.01.2011 04:24, Andre Zepezauer wrote: >>> please have a look at PKCS#15 "6.8.2 Pin objects" for the definition of >>> local and global PIN objects. There is no mention of storage location. >> There is mention of 'path'. >> The difference between 'global' and 'local' is that the first one can be >> verified from any location on the card, >> the second one is 'visible' only from somewhere under the DF (or >> application) where it's defined. >> >> So, we need (or, if you like, it's useful) to have 'path' defined for the >> local PINs, to be able to select it's path before verification.
My previous assumptions comes from this citation. It seems that I am terribly missing something. Can you give more details? > > From PKCS#15 6.8.2 Pin objects: > "PinAttributes.path: Path to the DF in which the PIN resides. The path > shall be selected > by a host application before doing a PIN operation, in order to enable a > suitable > authentication context for the PIN operation. That's 'local' PIN. > If not present, a card-holder verification > must always be possible to perform without a prior `SELECT' operation." That's the global one. So we desperately need the 'path' for the local PINs. So that 'host application' can select the path 'before doing a PIN operation'. You probably know another way to do verification from the random location on the card ? > Regards > Andre Kind wishes, Viktor. -- Viktor Tarasov <viktor.tara...@opentrust.com> _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
