Ludovic Rousseau wrote:
> >> * Trac/Wiki/ -> any progress here? I remember so offerings and
> >> questions to migrate, but no status update since - maybe I missed it?
> >
> > We are waiting solution from Peter.
>
> I don't think we can count on Peter. I had a bad experience on the
> libusb pro
Andreas Jellinghaus wrote:
> * Trac/Wiki/ -> any progress here? I remember so offerings and
> questions to migrate, but no status update since - maybe I missed it?
No progress, the offer is still good, but no chance of making it
happen before end of year.
//Peter
frederic.comb...@cea.fr wrote:
> Here is my patch (actually, 2 patches that depend if the patch
> concerns only the error 2328 (patch 1) or the whole block
> processing the return value of verify_certificate() (patch 2)).
Patch 1 is obviously incorrect because your change is inside a
conditional.
Ludovic Rousseau wrote:
> Merging a pull request from github adds a "merge pull request" commit.
> The history is then not very nice (linear) but I don't know a better
> way using the github web interface.
It isn't neccessary to use the github web interface just because
github is used to host the
Michael Wisniewski wrote:
> OpenSC recognizes the cert on the card, but just doesn't work with
> vmware-view.
After you create the symlink in order to work around that error?
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
h
Michael Wisniewski wrote:
> Could not open module /usr/lib/vmware/view/pkcs11/libopensc-pkcs11.so.so:
> /usr/lib/vmware/view/pkcs11/libopensc-pkcs11.so.so: cannot open shared
> object file: No such file or directory
>
> I was wondering if you knew which package I would have to install to obtain
>
Ludovic Rousseau wrote:
> The idea of git is to _not_ have to give access. Just send pull
> requests and I (or another admin) will pull your code.
Yes and no. Multiple people writing to a central repo works perfectly
fine also with git.
//Peter
___
ope
Viktor Tarasov wrote:
> >> - mailling list: the same, if no other suggestions, I'm ready to
> >> install/migrate it to 'opensc.fr' platform.
> >> Would be nice if one of the experts explain what is the actions to
> >> follow for such migration.
> > I don't like mailman too much. I've set it up, but
Viktor Tarasov wrote:
> Do you mean that with sources on github it would be more useful to
> use the bug system and wiki on github, as Ludovic proposed,
> and not the Trac installed on someone's platform ?
I don't know how well github issues and wiki integrate with repos -
what I've seen isn't too
Andreas Jellinghaus wrote:
> I wonder what we can or should do to improve the state of the project.
I think it's clear that only very few entities are putting resources
into the project.
> there hasn't been any real discussion, no back and forth about the
> merrits of the different proposals, an
> - TRAC (wiki?): it seems that Peter Stuge proposed to do something
> with Trac.
> Peter, if you are here, can you take this part, or at least explain
> how it could be done, please?
> If no suggestions, Trac can also be hosted by 'opensc.fr' .
Educating someone on how t
Ludovic Rousseau wrote:
> Andreas, the host available at opensc-project.org will disapear at the
> end of the year 2012 [2].
I think you misunderstood what Andreas wrote in his email.
I think that what Andreas was saying is that someone else needs to be
root and care for the machine.
I don't exp
Anders Rundgren wrote:
> http://www.theregister.co.uk/2012/11/13/trustzone_company
>
> Smart cards? Don't think so.
TrustZone isn't half bad hardware.
But I bet that the solution they come up with will still use exactly
the same old APDUs, with just a minimum bolted-on, in order to make
somethi
Andreas Jellinghaus wrote:
> if there is noone specialised on setting up such a server and keeping
> it running well and secure
There is, and my offer still stands.
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.
Jean-Michel Pouré - GOOZE wrote:
> Can you help?
Difficult without actual error output. The mail only included the
executed commands.
//Peter
pgpyInSbTHDae.pgp
Description: PGP signature
___
opensc-devel mailing list
opensc-devel@lists.opensc-project
Andreas Schwier wrote:
> I will first need to write a small test in C to reproduce the problem.
> Right now we test from Java, which makes debugging a real nightmare.
Maybe you can reproduce it using some of the existing command line
tools?
//Peter
___
Andreas Schwier (ML) wrote:
> there is apparently a nasty bug in framework-pkcs15.c that causes a SIGV
> when via PKCS#11 a certificate object is deleted, but not the related
> public key object.
>
> Occasionally this triggers a SIGV when the caller later accesses the
> CKA_ID attribute which trie
Ravneet Singh Khalsa wrote:
> Is there equivalent command for Windows specific environment ?
>
> The command seems to be pointing to engine_pkcs11.so and
> opensc-pkcs11.so files. I couldn't find these files anywhere.
..
> I am a programmer and I understand only programming languages.
It's good f
Jean-Michel Pouré - GOOZE wrote:
> I was quite busy and failed to do any work these last days.
Remember how much easier it is to write email with opinion.
//Peter
pgpNhpOSPqCvo.pgp
Description: PGP signature
___
opensc-devel mailing list
opensc-devel
NdK wrote:
> >> IIUC that bit is not authenticated, so a MITM attack can force both the
> >> reader and the card think the other party doesn't support PIN auth,
> >> making the card sign the transaction anyway, regardless the amount
> >> involved. So IMVHO it's quite serious...
> > http://www.cl.ca
NdK wrote:
> IIUC that bit is not authenticated, so a MITM attack can force both the
> reader and the card think the other party doesn't support PIN auth,
> making the card sign the transaction anyway, regardless the amount
> involved. So IMVHO it's quite serious...
http://www.cl.cam.ac.uk/~sjm217
Andreas Jellinghaus wrote:
> A small follow up: As far as I know the server does:
> * svn server / code repository
> * svn server / release tar.gz repository (also containing binaries)
> * build robot to create nightly builds and or automated builds (jenkins?)
> * many trac repositories - wiki, bro
Peter Åstrand wrote:
> proprietary "BankID" application
I suggest to try https://fribid.se/ out.
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Martin Paljak wrote:
> IIRC it was apple who wants to make a phone self-register. Meaning
> there are no parts to add or remove from the phone and you pair it to
> your operator "online". The question IMHO is how much do telcos want
> to give up the "freedom" of controlling access to their networks
Andreas Schwier (ML) wrote:
> we've put in a pull request in github/opensc/staging to include a card
> driver and PKCS#15 emulation module for our SmartCard-HSM [1].
That sounds nice. I haven't yet looked at the code.
> This driver is a read-only driver that works with SmartCard-HSMs that
> alre
Viktor Tarasov wrote:
> I would like to start preparation of the new release based on the
> 'staging' branch of GitHub OpenSC .
> Your suggestions proposals are heartily welcome.
I suggest, as always, to not release anything without good review.
//Peter
__
Hi Frank,
Frank Morgner wrote:
> general concern that there are some conceptual problems
I'm afraid that your standards may be much too high. :\
Thanks for caring though!
//Peter
pgp4FGRmNZD7Y.pgp
Description: PGP signature
___
opensc-devel mailing
Ludovic Rousseau wrote:
> >> I don't know where the "Gerrit's review directory" is and could not
> >> find a gerrit config file.
> >
> > ps www $(pidof java)
>
> $ pidof java
> 24079
>
> $ ps www $(pidof java)
> PID TTY STAT TIME COMMAND
> 24079 pts/2Sl+ 29:22 java -jar jenkins.war
Ludovic Rousseau wrote:
> I don't know where the "Gerrit's review directory" is and could not
> find a gerrit config file.
ps www $(pidof java)
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/ma
Jean-Michel Pouré - GOOZE wrote:
> * Do we still fetch opensc-project development hooks?
> scp -p -P 8882 www.opensc-project.org:hooks/commit-msg .git/hooks/ s
> I don't know what it is for and propose to remove it.
Do you agree that it's difficult to propose to remove something you
don't know wha
Jean-Michel Pouré - GOOZE wrote:
> do you confirm that anyone can now make a pull request using only GIThub?
As you know I for one am strongly against centering anything around
the github workflow, especially when gerrit is available.
//Peter
___
opens
Jean-Michel Pouré - GOOZE wrote:
> > You can modify sshd a little or use some PAM module which I'm sure
> > can implement this policy.
> >
> > For sshd you can start by setting MaxSessions to 1, but there's no
> > MaxAuthenticatedSessions setting. Be careful with MaxStartups, or
> > it becomes ver
Jean-Michel Pouré - GOOZE wrote:
> * If possible, I would like to restrict the number of concurrent
> sessions in OpenSSH an set it to one. There should be no idle session.
> If someone is already connected doing debugging, OpenSSH should reject
> connection. This is the most tricky part of the set
Jean-Michel Pouré - GOOZE wrote:
> What I suggest is that OpenSC should be hosted on GIThub with write
> access to core developers (at least 5/6 people).
Insisting on changing some hosting situation that has been set up is
nothing but obnoxious protesting and spitting on the already
established ho
Alon Bar-Lev wrote:
> Peter, quality is not absolute term.
In computing I actually think it is; a high quality program does
exactly what it is supposed to do and never anything else.
Computers are very simple machines, so it is feasible for humans to
create such programs.
> best algorithm
> "go
Ludovic Rousseau wrote:
> 2012/5/27 Jean-Michel Pouré - GOOZE :
> > Sufficient privileges in GIThub should be granted to a group of people.
> > Trust is enough to agree on commits. FOAS means "Free" and "Open".
>
> FOAS = ?
I guess FOSS.
The "open" does however not mean that the entire world mus
Nguyễn Hồng Quân wrote:
> I'm starting from the current codebase, which uses a emulation layer,
> so I don't know other choice than continue with this approach.
First create the improved infrastructure in OpenSC that your work
needs.
> > Maybe it would be better to have a single "sticky pkcs15-
Martin Paljak wrote:
> Maybe it would be better to have a single "sticky pkcs15-ish mapping
> for a fixed profile card" in a single location (like the pkcs15
> emulation drivers) and allow pkcs15-tool (which does not try to create
> any PKCS#15 structures) to re-generate exposed key slots and repla
NdK wrote:
> > BT-readers
>
> Urgh... I wouldn't use a BT reader unless the card uses SM.
> It's trivial, if you sniff the pairing, to decode the whole BT
> traffic. And non-SM cards receive the pin as cleartext.
http://ubertooth.sourceforge.net/ about ~100 EUR including shipping.
//Peter
_
Viktor Tarasov wrote:
> I still propose to merge the SM branch into the github:OpenSC-staging
> and prepare it as candidate for release . It should not be difficult,
> recently both branches has been synchronized.
The difficulty lies not in making something that builds, the
difficulty lies in unde
Anton Svensson wrote:
> Hmm, what kind of info is needed? Dont have that much to be honest
Full debug logs from pcscd and/or opensc?
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listi
Jean-Michel Pouré - GOOZE wrote:
> ease the collaboration process quickly or the community will set-up
> its own tools.
Please stop blowing smoke. You want to fork so GO AND DO IT ALREADY!
You clearly have no desire to work together with all members of the
community. You've decided that only your
Ludovic Rousseau wrote:
> >> on the SM branch use: "git format-patch origin" to get the changes
> >> in individual patch files.
> >> on the gerrit/staging use: "git am my_patch" for all the previously
> >> generated patches.
> >
> > I would avoid doing this manually. git rebase really is the way to
Viktor Tarasov wrote:
> How the 'staging', that you are working on, is related to the
> 'staging' branch of the OpenSC.git from github ?
> Looking onto the git workflow
> (https://www.opensc-project.org/opensc/wiki/DevelopmentPolicy)
> I do not quite understand the place of 'staging' on the
> opens
Ludovic Rousseau wrote:
> >> 1. rebase the SM branch over the OpenSC version in gerrit/staging
> >
> > Okay. So all we need is a diff between SM and staging?
>
> No. What you need is to extract all the SM patches and apply them
> on the gerrit/staging branch.
> Of course some conflicts are expecte
Jean-Michel Pouré - GOOZE wrote:
> community, is there a way to agree to switch the 'public
> staging' to 'SM' and use it as a principal base for releases?
I don't think there is.
//Peter
pgpmvOdeyPmxt.pgp
Description: PGP signature
___
opensc-devel
Ludovic Rousseau wrote:
> Gerrit has more than 200 patches still waiting the the backlog.
> Many of them can't be merge since they do not 'fast-forward' and must
> be rebased by hand.
>
> Since the git commits were created without a Change-Id: we have 3
> options (I think):
> 1. edit each commit m
Ludovic Rousseau wrote:
> > Whenever I start pcscd manually:
> > sudo pcscd --foreground --debug
>
> Use:
> sudo /usr/sbin/pcscd --foreground --debug
Is it re-executing? Suggest do like sshd and refuse to start without
full path in that case.
//Peter
Ludovic Rousseau wrote:
> > automatically send notifications for all new patches to the
> > opensc-devel mailing list,
>
> Peter, can you explain how to setup gerrit for that? I think only
> Martin can do that change as the gerrit admin.
It requires adding a patchset-created hook into the magic h
Peter Stuge wrote:
> > So I would be in favor of letting main developers commit their
> > changes to ONE SINGLE git staging branch directly and let
> > developers/users fix the code.
>
> It's an interesting idea, but it places a significantly higher
> workload on
Many thanks for coming back on topic for OpenSC! :)
Jean-Michel Pouré - GOOZE wrote:
> In bazar development, we should agree to release unperfect code in
> one "unstable" branch and let the community fix it.
I don't oppose having stable and unstable development processes per
se. But usually it's
"Magosányi, Árpád" wrote:
> > Graeme did some rework of the patch, but generally did not seem to
> > agree with the review. The new solution included the addition of new
> > API calls, however without any documentation. As anyone who has
> > looked at the code and doxygen output, libusb is quite we
Ludovic Rousseau wrote:
> I think you are doing the good thing. Thanks.
I agree!
> I encourage every user of the opensc-devel list to:
> - create a gerrit account
> - subscribe to the Email notifications. Go in Settings -> Watched
> Projects and check the 3 notifications boxes for the OpenSC pro
Jean-Michel Pouré - GOOZE wrote:
> Just remember there was a peer discussing about a 60 second timeout bug
> in libusb/pcscd. The first peer says "the bug is in libusb". The second
> peer says "the bug is in libccid". And the bug never gets fixed. And ALL
> tokens may suffer from this 60 seconds ti
Jean-Michel Pouré - GOOZE wrote:
> iterative modifications and evolutions. This only happens if the
> first version of a patch is committed fast and spreads using the
> Internet.
WTF?
This goes diametrically against the goal of software quality.
It is becoming clear to me that you have absolute
"Magosányi, Árpád" wrote:
> I see the messages but do not understand.
What's your git level?
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
"Magosányi, Árpád" wrote:
> 6 months worth of patches which cannot be reviewed
This is simply not true. *Anyone* can register on Gerrit and review,
and *all* review is a helpful contribution!
The problem is not that the code can not be reviewed, but that noone
is doing review. Anyone can do it.
Jean-Michel Pouré - GOOZE wrote:
> > Please understand that whatever you try to organize democratically
> > will indeed be a fork. Open source is not democracy.
>
> Peter, you are shooting yourself a bullet in the foot.
This isn't about me.
> As written before, some people really believe to o
Jean-Michel Pouré - GOOZE wrote:
> > Jean-Michel, as I've said already, please stop the noise and go fork
> > if that is what you want! I promise I'll stay far away.
>
> We don't want to fork, this would be stupid.
Please understand that whatever you try to organize democratically
will indeed be
Alon Bar-Lev wrote:
> I will try again.
Thanks! It really helps!
> > > The bureaucracy and lack of flexibility will inhibit contributions
> > > and healthy *SMALL* community.
> >
> > What bureaucracy do you mean? Requiring no build failure and review
> > in gerrit? I think those are acceptable r
Jean-Michel Pouré - GOOZE wrote:
> Unless you agree that by writing on the mailing list, we are going
> to incorporate an association.
Jean-Michel, as I've said already, please stop the noise and go fork
if that is what you want! I promise I'll stay far away.
//Peter
pgprOilbqPvTj.pgp
Descript
Alon Bar-Lev wrote:
> I think you are trying to make opensc something it is not.
I am not trying to do a single thing beyond pointing out that there
is alot of complaints and wasted time over no *actual* problem.
> The bureaucracy and lack of flexibility will inhibit contributions
> and healthy
Viktor Tarasov wrote:
> > What is it that does not currently work and which is
> > critical for developing perfect commits?
..
> - replication in gerrit
If you mean the mirroring of commits to github.com I don't see how
that is critical. Work with the repo in gerrit instead. Many projects
have no
Viktor Tarasov wrote:
> Could you explain here how can we 'move forward', preferably
> without appealing to the absent persons and to the non-working
> services?
No, a "move forward" idea is broken from the start.
Be specific. What is it that does not currently work and which is
critical for deve
Viktor Tarasov wrote:
> I still propose to temporarily use the alternatives jenkins & gerrit.
It's IMO really stupid to fork anything, regardless if it is code or
infrastructure.
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.o
Ludovic Rousseau wrote:
> Change 2 now merged.
Ok!
> I also tried with change 3
> https://www.opensc-project.org/codereview/#change,3 but I get the
> error:
> "Gerrit Code Review 8:45 PM
>
> Change cannot be merged due to unsatisfiable dependencies.
>
> The following dependency error
Ludovic Rousseau wrote:
> So I used the OpenSC documentation at [2] and rebased my staging
> branch (from [3]) onto gerrit/staging.
Note that gerrit/staging is a so-called remote tracking branch, and
it's best not to commit to those to avoid conflicts if other changes
arrive from the remote than t
Peter Stuge wrote:
> The current config has strong arguments, even if it brings slightly
> more inconvenience. I actually favor not changing the config, even if
> we will have to rebase each and every change.
Thinking again about this, there's another possible problematic
situation
Ludovic Rousseau wrote:
> > I made an attempt to kick change 1 loose.
>
> Done.
> The status is now "Merged" and the change is available in git at
> https://www.opensc-project.org/codereview/p/OpenSC but not yet on
> git://github.com/OpenSC/OpenSC.git
I guess github is synced only periodically.
Peter Stuge wrote:
> I made an attempt to kick change 1 loose.
Ok, so that worked. It would work fine to repeat this for each
change, even if it is a bit labour intensive at least now, to clear
the backlog. I've done it also for change 2 now.
As you may recall, approving and submit
Hi,
Ludovic Rousseau wrote:
> I don't know if gerrit is broken or if I do not know how to use it :-)
I would say that gerrit has some problem.
> Example with https://www.opensc-project.org/codereview/#change,6
> The status is "Submitted, Merge Pending". And has not changed since
> Feb 19 (one m
Douglas E. Engert wrote:
> change,44 below is Vicktor's, not mine. I should not have said
> "I think I have to rebase the code, and do another pull request?"
You can also do it!
//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-projec
Peter Stuge wrote:
> You mentioned that one component is the small proprietary HID code
> for Linux and that part is of course not available, but it seemed
> like the other parts might be? Or did I misunderstand?
I think I did. I read your email again to check.
> Can you say mo
Jean-Michel Pouré - GOOZE wrote:
> > No need for token, but thanks for the offer! :) The code that already
> > supports the device is instead what I would look at. Is it available
> > online?
>
> Sorry, it is not publicly available.
You mentioned that one component is the small proprietary HID c
Jean-Michel Pouré - GOOZE wrote:
> > http://libusb.org/wiki/FAQ#CanIcreateadriverlessdeviceusingHIDclass
>
> I wron't discuss as I don't know if improving HID for GNU/Linux is
> really time consuming.
Hopefully you read the page anyway to find out about the
considerations for HID. It may still be
Hi!
Jean-Michel Pouré - GOOZE wrote:
> > It's my old idea of implementing PKCS#11 directly over USB. Issues
> > have been pointed out, and they would have to be solved of course.
>
> Feitian offers two ranges of products: CCID (ePass2003 and other
> products) and HID over USB (ePass2001 and othe
Douglas E. Engert wrote:
> I have not tried this, but check out this token too:
>
> http://www.goldkey.com/usb-smart-card-with-piv.html
>
> Built-in PIV Support
> Basic functionality and support for PIV cards and tokens already
> exists in Microsoft Windows®, Mac OS® X, and many Linux® dist
Anders Rundgren wrote:
> > It's my old idea of implementing PKCS#11 directly over USB. Issues
> > have been pointed out, and they would have to be solved of course.
>
> Maybe you would like to have an STM32F215-based token?
> 160 MHz, 128K RAm 1M Flash, USB HS, True RNG, AES
> It may happen this y
Douglas E. Engert wrote:
> I am new to Gerrit too,
All right! I'm by no means an expert, but I have been using it in
several projects for a while, where I also helped with issues during
the migration, so please feel free to ask any questions.
> but it looks like if 2 code reviews give a +1, the
Anders Rundgren wrote:
> I don't know what USB P11 is, can you send me a pointer?
It's my old idea of implementing PKCS#11 directly over USB. Issues
have been pointed out, and they would have to be solved of course.
> Although PKCS #11 is good it is not particularly popular on Windows.
> It is e
Anders Rundgren wrote:
> You didn't hear my presentation at FOSDEM 2012 but it was about
> creating a token with a standard API so that you would as a
> customer be able to just plug it in.
This is an advantage of USB P11. In Windows 8 and later there doesn't
even have to be a driver installed, si
Peter Stuge wrote:
> > Please advise:
> > 1) How to push a patch from GITHUB to OpenSC staging directory.
> > In two or three sentences.
>
> I would do:
>
> One-time setup:
> a. Create Gerrit account and add username and public SSH key
> b. git clone from git
Jean-Michel Pouré - GOOZE wrote:
> I created an account on Gerrit and looked at this URL:
> https://www.opensc-project.org/codereview/#q,status:open,n,z
>
> Some issues are marked 18 February 2012 with "Jenkins" user.
> So it seems we have GITHUB, Jenkins and Gerrit ...
>
> All this seems complic
Jean-Michel Pouré - GOOZE wrote:
> > We are also not in a democracy. We are in a security related open
> > source project.
>
> Don't get me wrong. This is an organization issue. I am not talking
> about forking OpenSC, this would be stupid.
Not neccessarily - if there is critical mass I think it
Viktor Tarasov wrote:
> >> Nobody doubts that review in critical.
> >> But what shall we do now, how can we 'move forward',
> >> if the review/acceptance process is stopped at the Gerrit level
> >> and the only person that is capable and has authority to do
> >> something is absent for a long time
Jean-Michel Pouré - GOOZE wrote:
> > Until newbies can demonstrate that they have learned the right things
> > they are by definition not moving forward.
>
> Come-on, we are not in a class-room or in an administration.
We are also not in a democracy. We are in a security related open
source proj
Anders Rundgren wrote:
> For non-government tokens like the excellent Feitian Epass2003
> I would consider another approach: Updating the firmware to
> emulate PIV so that we can put the middleware aside once and
> for all.
I agree completely that all the legacy involved in tokens and cards
is hor
Viktor Tarasov wrote:
> Nobody doubts that review in critical.
> But what shall we do now, how can we 'move forward',
> if the review/acceptance process is stopped at the Gerrit level
> and the only person that is capable and has authority to do
> something is absent for a long time already ?
I su
Jean-Michel Pouré - GOOZE wrote:
> 1) The ePass2003 code was reviewed by Viktor and included in his branch.
> You probably did not know, did not compile, did not test and therefore
> Viktor's work is ignored.
This is appropriate in my opinion, because I do not think that the
commits are ready for
Jean-Michel Pouré - GOOZE wrote:
> > With Git, anyone and everyone is a committer.
>
> The question here is flexibility:
What flexibility is needed? My point is that everyone can easily
create perfect patches, and given perfect patches which have been
peer reviewed there is no need for flexibilit
Alon Bar-Lev wrote:
> This project loses its flexibility, this is not an advantage.
I disagree. I find that Git allows all the flexibility developers
could ask for.
The cry for more committers is misguided. With Git, anyone and
everyone is a committer. If commits exist but are not being included
Seriously, please trim replies.
Christian Hohnstaedt wrote:
> Anything that can be signed by the card can be signed by a software
> key, too.
Yes of course. But the point is that the card can come with the
special key pre-installed.
//Peter
___
opensc
Frank Cusack wrote:
> For example, if I had some key/cert on the card (and I know it can only
> exist on the card -- this might happen before it is shipped to me or in
> bulk secure provisioning on site) that is not able to be used for anything
> externally. ie, you cannot encrypt,decrypt,sign or
Jean-Michel Pouré - GOOZE wrote:
> Is there a way to store a 3DES key on smartcard, so it cannot be
> extracted but still be usable by OpenSSL?
Maybe some card supports it, but usually it is undesirable for
performance reasons.
Symmetrical ciphers are usually intended for large amounts of data,
s
NdK wrote:
> But I noticed that lastly every command is sluggish.
..
> Is there something I should check or some more debugging I should enable?
Probably libusb bug #56 which has been fixed but not available
everywhere just yet. What distribution do you use?
//Peter
_
Douglas E. Engert wrote:
> >> Is it possible to use:
> >> https://jenkins.opensc-project.org/ instead of
> >> https://www.opensc-project.org:/
> >
> > https://www.opensc-project.org/autobuild/
> >
> >
> >> https://gerrit.opensc-project.org/ instead of
> >> https://www.opensc-project.org:8881/
>
Martin Paljak wrote:
> It is possible to access Gerrit Git interface through HTTP (instructions
> pending) for pushing changes, also to check out code.
Feel free to reuse stuff from http://www.coreboot.org/Git
//Peter
___
opensc-devel mailing list
open
Alon Bar-Lev wrote:
> libltdl is linked against opensc long before I touched the build system.
I was a strong proponent back in the day.
> I suggest the following patchset to completely remove libltdl.
Looks fine to me.
//Peter
___
opensc-devel mail
Ludovic Rousseau wrote:
> > Can you set up standard ports so it passes firewalls?
> > First choice: http / https
>
> Same question but to pass web proxies. git and ssh ports are not
> even available in some places.
Note that Gerrit supports also HTTP push and pull, and http: is no
longer signific
Martin Paljak wrote:
> Here is an overview of updates to opensc-project.org plumbing and Git.
Amazing effort Martin. Thank you so much for getting this done!
> Gerrit uses OpenID for authentication (google.com has one, as do
> many other websites) thus no new passwords needed.
In case anyone ne
1 - 100 of 417 matches
Mail list logo
