RE: MUSCLE Musclecard architecture

Fri, 07 Dec 2001 05:15:23 -0800 

ISO 7816-8 says how to do decypherment, signatures, etc.

Cheers, Scott 

-----Original Message-----
From: Erwann ABALEA
To: [EMAIL PROTECTED]
Sent: 12/7/01 2:32 AM
Subject: Re: MUSCLE Musclecard architecture

PKCS#15 is not enough. It only focuses on how the objects are stored in
the card (file numbers, key formats, ...), but not how to do a
signature,
a decipherment, and others.

We must wait for an enhancement of the ISO7816 to define these as well
as
they define the standard calls to read, write, erase, ...

Or we could also wait for some professionals (Schlumberger, Gemplus,
DeLaRue) to take this problem into consideration and try to define some
common commands, but I don't see this possible... ;)

On Thu, 6 Dec 2001, Chris Osgood wrote:

> You guys (and gals) might want to look into using PKCS#15 (ASN.1
> encoding on the card).   As a whole, it's kind of nasty complicated
but
> you don't need to use everything.  This would allow a somewhat
> "standard" approach to accessing data on the card.  It is very
flexable
> (too flexable if you ask me) and can do just about anything you need,
> including crypto, certificates, raw data, etc.   ASN.1 encoding allows
> it to be pretty tight space-wise too.
>
> PKCS#15 is published on RSA's website.  I recommend looking at snacc
for
> doing asn.1 de/encoding.
>
> Interfacing with PKCS#11 is made more natural too.
>
> Although I don't have a lot of time for this, I would be happy to help
> out where I can.   I have a lot of experience with PKCS#15, ASN.1, and
> smart cards in general.
>
> --
> // Chris
>
> >We wanted to implement a very abstract architecture so that KDE
> >applications could use smartcards without having to know the details
of them.
> > In particular, this would be used for storage, SSL certificates, and
KDM
> >login.

-- 
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-----
``Do or do not.  There is no try."
                                     Yoda

***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to [EMAIL PROTECTED] with
unsubscribe sclinux
***************************************************************
***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to [EMAIL PROTECTED] with
unsubscribe sclinux
***************************************************************

Reply via email to