Hi
We have written a review of four different HSM:s (AEP, Safenet, Thales, and
Utimaco) with focus on creating signatures for DNSSEC with the PKCS#11
interface. Other topics was also addressed like the security model,
administration, and backup/HA-mode.
It is typically TLD:s that uses HSM:s fo
Hello.
On Jan 17, 2011, at 11:41 AM, Rickard Bellgrim wrote:
> We have written a review of four different HSM:s (AEP, Safenet, Thales, and
> Utimaco) with focus on creating signatures for DNSSEC with the PKCS#11
> interface. Other topics was also addressed like the security model,
> administra
On 17 jan 2011, at 12.56, Martin Paljak wrote:
> Most smart cards, especially smart cards personalized by OpenSC, don't have
> very fancy and varying managing capabilities, comparable to HSM-s.
Yes, so you probably have to create another set of review points in this case.
> Yet an overall revi
2011/1/17 Rickard Bellgrim :
> On 17 jan 2011, at 12.56, Martin Paljak wrote:
>> From the report:
>> "For the test of the PKCS#11 interface (review point A.2) we used a
>> specially developed test tool called pkcs11-testing. If desired, please
>> contact the authors to obtain the source code."
>>
We got this working but had to comment the following line in the OpenSC
code: src/libopensc/ctx.c, line 662: sc_ctx_detect_readers(ctx)
To meet our customer's deadline we cannot perform a modification to
OpenSC due to the amount of V&V efforts associated with it. Does
anybody have any recomme
opensc-devel-boun...@lists.opensc-project.org a écrit sur 17/01/2011
15:27:45 :
> [image supprimée]
>
> Re: [opensc-devel] OpenSC 12 with minidriver
>
> Brian Thomas
>
> A :
>
> opensc-devel
>
> 17/01/2011 15:30
>
> Envoyé par :
>
> opensc-devel-boun...@lists.opensc-project.org
>
> W
A very nice report. I agree with your findings about diversity of
authorization models :-)
for smart cards or usb tokens there of course don't exist any "enforced"
security models or backup models etc. One could discuss how it would be
possible to implement such models (using routines etc) in
Hello Viktor,
from Changeset 5094 [1]:
"[...] 'path' is [now] mandatory for the 'Local' PINs."
I think of it as a temporary solution to fix a weakness of "IAS ECC"
cards as specified by The Gixel Group [2]. But keep in mind that the
behaviour up to revision 4927 was conforming with PKCS#15 and IS
Brian Thomas wrote:
> To meet our customer's deadline we cannot perform a modification to
> OpenSC due to the amount of V&V efforts associated with it.
All you need to do is send a clean patch with a commit message that
makes sense. But I guess that's too much. :\
//Peter
___
On 1/17/2011 10:49 AM, Peter Stuge wrote:
> Brian Thomas wrote:
>> To meet our customer's deadline we cannot perform a modification to
>> OpenSC due to the amount of V&V efforts associated with it.
>
> All you need to do is send a clean patch with a commit message that
> makes sense. But I guess
Dear Andre,
On 17.01.2011 17:09, Andre Zepezauer wrote:
> Hello Viktor,
>
> from Changeset 5094 [1]:
> "[...] 'path' is [now] mandatory for the 'Local' PINs."
>
> I think of it as a temporary solution to fix a weakness of "IAS ECC"
> cards as specified by The Gixel Group [2]. But keep in mind tha
I have some questions about the cardmod mini-driver
in OpenSC 0.12.0
It appears that the code in CardAcquireContext is trying to
store in the registry two handles, pcsc_ctx and pcscd_card
in the HKEY_LOCAL_MACHINE, "SOFTWARE\\OpenSC Project\\Opensc"
Using the registry for this does not look corre
12 matches
Mail list logo