On 2012-08-17 22:32, Jean-Michel Pouré - GOOZE wrote: >> It also means that the "card" middleware will be a part of the OS. > > This will boost the smartcard technology to a wider public, which are > good news. It is essential to have the smartcard or token in the hand / > in the pocket. You computer cannot stand in your pocket. Only your > mobile phone. >
The original idea was indeed that you carried your token in your pocket. This idea is challenged by the fact that we have so many and independent logins. Since each login typically translates to a token (using current smart card technology), you would eventually need very big pockets. Virtual smart cards have unlimited capacity and doesn't occupy space in your pocket either. Does this for example make eIDs or company smart cards useless? Not all! You use your token as a secure bootstrap for getting a cloned credential onto a device, be it a phone or laptop. This concept is by no means new or unique. The Swedish BankID CA have already issued more than 10M certificates in this fashion to consumers where the consumer typically uses an already deployed OTP token as bootstrap. The only problem is that BankID and friends have to write their own client software since the to 99% US-dominated platforms do not support consumer-PKI. Since traditional smart cards do not support on-line provisioning to end- users, virtual smart cards appear to be the only workable solution. Anders _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
