Hi Andreas, > “I know of a large trustcenter offering certificates for qualified signatures”
Our aims are very similar to this! First, we also wanted to use HSMs to store keypairs (we already have Thales netHSM for PKI functions, and a Thales payment HSM), but independent auditors told us, that in some points FIPS/CC-evaluated HSMs differ from SSCD devices. This was new information for me. So, now, the task is to find out which solution gives us less trouble: re-auditing an HSM as SSCD or creating an SSCD-farm... Aron From: Andreas Kroehnert [mailto:akroehn...@go-lan.net] Sent: Wednesday, March 21, 2012 4:28 PM To: Szabó Áron Cc: opensc-devel@lists.opensc-project.org Subject: Re: [opensc-devel] Managing devices simultaneously Hi Aron, not sure whether its worthwhile to mention: I know of a large trustcenter offering certificates for qualified signatures, that uses hundreds of serial port smartcard readers connected to a single system using RS232 multiplexers. But I dont know which software they use. However, do you really need to use a large a mount of devices connected in parallel, or wouldn't just a single HSM do, in a kind of RSS configuration? It's just saving tons of space and effort, but still offering high security with thousands of "virtual smartcards" where each slot has its own unique user PIN and SO. regards Andreas ________________________________ From: "Szabó Áron" <aron.sz...@egroup.hu<mailto:aron.sz...@egroup.hu>> To: opensc-devel@lists.opensc-project.org<mailto:opensc-devel@lists.opensc-project.org> Sent: Wednesday, 21 March, 2012 4:15:04 PM Subject: Re: [opensc-devel] Managing devices simultaneously Thanks for your answers! In my case 1 smart card, USB token would use/store just 1 slot/1 keypair: 1 keypair is needed for each user stored on separate devices. This means, I have to maximize the number of devices, not the slots of the devices. USB controller gives an upper limitation for that, but I don't know whether CSPs have other e.g. addressing limitations. Aron -----Original Message----- From: opensc-devel-boun...@lists.opensc-project.org<mailto:opensc-devel-boun...@lists.opensc-project.org> [mailto:opensc-devel-boun...@lists.opensc-project.org] On Behalf Of NdK Sent: Wednesday, March 21, 2012 3:35 PM To: opensc-devel@lists.opensc-project.org<mailto:opensc-devel@lists.opensc-project.org> Subject: Re: [opensc-devel] Managing devices simultaneously Il 21/03/2012 11:27, Szabó Áron ha scritto: > What is the maximum number (if any exists at this level) of regular smart > cards, USB tokens (and keys) that can be used and managed by OpenSC in the > same environment (USB controller supports up to 127 devices, up to seven > tiers, including the root tier and five non-root hubs)? IIUC, each "PIN" uses a slot. So, for example, on a single Aventra card you could need 14 slots! BYtE, Diego. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org<mailto:opensc-devel@lists.opensc-project.org> http://www.opensc-project.org/mailman/listinfo/opensc-devel
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
