Hi, David, 

This is not a suggestion for PC/SC, but is kind of related.  We are
trying to implement a protocol called EKE on Jim's IP stack on
smartcards.  EKE is a key distribution protocol which establishes a 
session key between two parties from a weak secret, such as a
password, shared between the parties.  We run EKE between a user's
workstation and a smartcard on a remote host.  This way, the
connection is end-to-end in that the messages are encrypted and
decrypted on the smartcard.  In secure RPC, encrypted messages are 
decrypted on the remote host, thus revealing messages to the remote
host.  

Another advantage of this approach is that since it is on IP, the
smartcard is named by its IP address, no matter which machine the
smartcard is plugged into.  In the RPC case, the smartcard's name is the
host's IP address + serial port number (or reader number), which is
location dependent.

--
Concentration .. Naomaru Itoi
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************
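
A minimal Diffie-Hellman flavour of EKE between a workstation and a card, as an added example that is not part of the original message or of the authors' smartcard code. The group parameters, the XOR pad standing in for the password-keyed cipher, and all names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Constructed demo parameters (assumptions, not from the message): a toy-sized
# 255-bit prime and base 2. A real deployment needs a vetted, larger group.
P = 2**255 - 19
G = 2

def _mask(password: bytes, label: bytes) -> int:
    # Password-derived 255-bit pad. Because P is within 19 of 2**255, a wrong
    # password still "decrypts" to a plausible group element, so trial
    # decryption gives an eavesdropper almost nothing to test guesses against.
    key = hashlib.pbkdf2_hmac("sha256", password, b"eke-demo/" + label, 10_000)
    return int.from_bytes(hashlib.shake_256(key).digest(32), "big") >> 1

def wrap(password: bytes, label: bytes, value: int) -> int:
    # Toy stand-in for E_P(value); XOR is its own inverse, so it also unwraps.
    return value ^ _mask(password, label)

class Party:
    def __init__(self, password: bytes, label: bytes):
        self.password, self.label = password, label
        self.secret = secrets.randbelow(P - 3) + 2   # ephemeral DH exponent

    def hello(self) -> int:
        # First flight: the DH public value, hidden under the shared password.
        return wrap(self.password, self.label, pow(G, self.secret, P))

    def finish(self, peer_label: bytes, msg: int) -> bytes:
        # Unwrap the peer's value and derive the session key from g^(ab).
        peer_pub = wrap(self.password, peer_label, msg) % P
        shared = pow(peer_pub, self.secret, P)
        return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def confirm(key: bytes, who: bytes) -> bytes:
    # Key confirmation tag: proves knowledge of the session key.
    return hmac.new(key, b"confirm/" + who, hashlib.sha256).digest()

def run_exchange(ws_password: bytes, card_password: bytes):
    # Both endpoints are simulated in one process; the relaying host in between
    # would only ever see m1, m2 and traffic keyed by the session key.
    ws, card = Party(ws_password, b"workstation"), Party(card_password, b"card")
    m1, m2 = ws.hello(), card.hello()
    k_ws = ws.finish(b"card", m2)
    k_card = card.finish(b"workstation", m1)
    ok = hmac.compare_digest(confirm(k_ws, b"card"), confirm(k_card, b"card"))
    return k_ws, k_card, ok
```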
