Re: Nice talk at FOSDEM, donation of Feitian PKI smarcards
- From: Stef Walter <stefw collabora co uk>
- To: Jean-Michel Pouré <jmpoure free fr>
- Cc: seahorse-list gnome org
- Subject: Re: Nice talk at FOSDEM, donation of Feitian PKI smarcards
- Date: Wed, 09 Feb 2011 19:26:27 +0100
On 02/07/2011 09:10 AM, Jean-Michel Pouré wrote:
> Nice talk at FOSDEM. Very convincing.
It was great meeting you and talking with you as well.
> Just a quick note to let you know that we offer free Feitian PKI
> smartcards to the community to support your projects:
> Just one remark about usability:
> This is very nice to handle trust using PKCS#11 smartcards. But no
> existing framework takes care of initializing smartcards. It seems like
> ever project would like to avoid this kind of issue.
> This is done simply by:
> pkcs15-init -E ;
> pkcs15-init --create-pkcs15 --profile pkcs15+onepin
> --use-default-transport-key --pin 0000 --puk 111111
> --label "François Pérou"
> Now that pcscd is running from HAL, you may be able to detect the
> presence of a smartcard, display a card or a token in Gnome desktop and
> propose to initialize it. This is a real issue.
Yes, this would be a great project for someone to bite into. Certainly
something that should be simple to do from a UI. But it would only work
for a small number of cards right? In any case that would still be progress.
> Same as for PIN locking, unlocking, which needs to be handled by a GUI.
> I would prefer in Gnome directly.
Yes, we should integrate PIN stuff in GNOME. In fact I have some code
which turns any PKCS#11 module into a CKF_PROTECTED_AUTHENTICATION_PATH
type module and prompts using gnome-keyring-prompt. This isn't
completely modular, but could be used as a start for this.
> Keep-up the good thinks
You too. All the best!
] [Thread Prev