On 2011-05-06 13:41, Martin Paljak wrote:
>
> On May 5, 2011, at 23:02 , Jean-Michel Pouré - GOOZE wrote:
>
>> Dear all,
>>
>> Some simple questions:
>>
>> When used with lock_login = false;
>> authenticated tokens are available for all users.
>>
>> For knowledge, what would be the technical solution to secure access in
>> shared mode?
>
>
> Have a look at the wiki:
>
> http://www.opensc-project.org/opensc/wiki/SecurityConsiderations
"If keys on the card are left in authorized state,
another application could misuse the keys"
I'm happy that I opted for stateless operation in SKS for
"using" keys and fully concurrent mode featuring SM for
"provisioning" keys. No reason ever for locking (up)
or fiddling with "config" files.
Anders
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
