Hello, On Feb 15, 2011, at 5:26 PM, Jean-Michel Pouré - GOOZE wrote: > Le lundi 14 février 2011 à 17:52 +0100, Andreas Jellinghaus a écrit : >> fine tuning for each different card and driver: I don't think anyone >> has the time and manpower for that. Tuning each and every card driver is of course not realistic as a) there's not enough (motivated) manpower and b) several cards are close to extinction and not available/relevant any more (thus can't be tested/tuned)...
> Under Windows, utilities allow to set private/public size on the Feitian > PKI during initialization. > So why not allow user to specify space usage during pkcs15-init? ... but I think that tuning relevant (read: recent, available, documented and often used) card profiles to the finest (to be able to take the max from the card, either as a random joe or as an expert user) without requiring modification to profile or extra parameters is exactly the best option. The spirit should be close to 80/20 rule (probably more like 90/10) and similar to tuning OpenSC internals through opensc.conf - available and doable (maybe requiring root access or other kind of extra manual configuration) but not necessary for everyday (common) use. Taking into account that personalization is a more central and seldom activity than actual use of a card (via PKCS#11 and other interfaces). I don't think that creating options to tune every PKCS#15 detail through command line would be any good, reasonable granularity and a holistic view would do better. People tend to copy-paste code snippets from the interweb that are similar to "sacrifice a two-headed chicken on a full moon night on the crossing of five roads" style suggestions with every possible option turned on, which create endless possibilities of shooting yourself in the leg (and succeed) and creates hard to trace and solve problems afterwards. (Take the --finalize option to pkcs15-tool and actual implementation by card drivers: "Oh, this can't hurt, at least the way I understand it, lets specify this option as well!"). Once a profile is set (and tuned) for a card, it should remain intact, with the possibility of a knowledgeable user tuning it somehow (not necessarily via command line options) but with the *full awareness* of what he or she is doing. Like by creating a custom profile for his/her uncommon use pattern. The only problem I see is a card with different EEPROM sizes, but here the most viable option is good documentation, education and tuned profiles for different EEPROM sizes. -- @MartinPaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
