Re: Nice talk at FOSDEM, donation of Feitian PKI smarcards

On 02/07/2011 09:10 AM, Jean-Michel Pouré wrote:
> Nice talk at FOSDEM. Very convincing.

It was great meeting you and talking with you as well.

> Just a quick note to let you know that we offer free Feitian PKI
> smartcards to the community to support your projects:


> Just one remark about usability:
> This is very nice to handle trust using PKCS#11 smartcards. But no
> existing framework takes care of initializing smartcards. It seems like
> ever project would like to avoid this kind of issue.
> This is done simply by:
> pkcs15-init -E ;
> pkcs15-init --create-pkcs15 --profile pkcs15+onepin
> --use-default-transport-key --pin 0000 --puk 111111 
> --label "François Pérou"
> Now that pcscd is running from HAL, you may be able to detect the
> presence of a smartcard, display a card or a token in Gnome desktop and
> propose to initialize it. This is a real issue.

Yes, this would be a great project for someone to bite into. Certainly
something that should be simple to do from a UI. But it would only work
for a small number of cards right? In any case that would still be progress.

> Same as for PIN locking, unlocking, which needs to be handled by a GUI.
> I would prefer in Gnome directly.

Yes, we should integrate PIN stuff in GNOME. In fact I have some code
which turns any PKCS#11 module into a CKF_PROTECTED_AUTHENTICATION_PATH
type module and prompts using gnome-keyring-prompt. This isn't
completely modular, but could be used as a start for this.

> Keep-up the good thinks

You too. All the best!


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]