>> PKCS#11 interface define both, ui callback (notify)
>
> What is that? Can you be more specific?

I was thinking about CK_NOTIFY as a way to notify operation progress

>> Couldnt opensc provide a way to do this safely?
>> Could signed libraries solve this?
>
> What is the threat model?
> Who is the attacker and what can he do?

I was thinking about this:
if biometirc login is made using a library
    opensc library<->biometric-reader library
and
    opensc library<->man-in-the-middle library<->biometric-reader library

probably this is not how its supposed to be done.

> Signing a library will not solve much if the attacker has root access
> or is the user itself.

Windows csp's must be signed to be used. That was what i was thinking.

As you an see, thinking in many things, nor correct ones
:P

The question remains, anyway: how could opensc support
biometric/whatever readers?
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to