OpenSC on smartcardservices.macosforge.org? (Re: SCA for Snow Leopard)

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSC on smartcardservices.macosforge.org? (Re: SCA for Snow Leopard)

Ludovic Rousseau
Hello,

2009/10/2 Martin Paljak <[hidden email]>:
> Maybe we should try
> working with apple to get libopensc and the tokend to be included in OSX?
>  http://smartcardservices.macosforge.org/ leaves me the impression that
> maybe, just maybe, apple is also interested in working  *with* the open
> source community and not just publish the source they use and hope that
> somebody fixes the bugs they introduce? Given the fact that OpenSC supports
> many European eID cards there is a good reason why to treat OpenSC.tokend on
> a par with PIV/CAC tokend-s, except unlike PIV is not of interest to the US
> federal buyers.

I am one of the team members [1] of the SmartCardServices project on
MacOSForge.org

I don't know yet if it is a good idea to push OpenSC inside Mac OS X.
But if the "OpenSC community" wants to do that I can help.
I think we could just upload one or more .tar.gz file and the needed
build infrastructure on smartcardservices.macosforge.org.

Once "we" have decided if we want to go this way we should ask Shawn
Geddis (from Apple and also member of the SmartCardServices project)
what he thinks about the idea.

Regards,

[1] http://smartcardservices.macosforge.org/trac/wiki/team

--
 Dr. Ludovic Rousseau
_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: OpenSC on smartcardservices.macosforge.org? (Re: SCA for Snow Leopard)

Martin Paljak-2
Bonjour,

On 02.10.2009, at 13:45, Ludovic Rousseau wrote:

> Hello,
>
> 2009/10/2 Martin Paljak <[hidden email]>:
>> Maybe we should try
>> working with apple to get libopensc and the tokend to be included  
>> in OSX?
>>  http://smartcardservices.macosforge.org/ leaves me the impression  
>> that
>> maybe, just maybe, apple is also interested in working  *with* the  
>> open
>> source community and not just publish the source they use and hope  
>> that
>> somebody fixes the bugs they introduce? Given the fact that OpenSC  
>> supports
>> many European eID cards there is a good reason why to treat  
>> OpenSC.tokend on
>> a par with PIV/CAC tokend-s, except unlike PIV is not of interest  
>> to the US
>> federal buyers.
>
> I am one of the team members [1] of the SmartCardServices project on
> MacOSForge.org
Seen that, but it does not state your relation to it. Are you on the  
payroll of Apple in some ways and responsible for pcsc-lite/ccid stack  
or as an external maintainer?

> Once "we" have decided if we want to go this way we should ask Shawn
> Geddis (from Apple and also member of the SmartCardServices project)
> what he thinks about the idea.
I've touched the topic in a private mailing but never got a reply.

It would anyway cover either only static OpenSC.tokend or maybe  
libopensc+OpenSC.tokend. But until that happens, what, why and how  
should we put into our own installer?
The reason for a custom OpenSSL was apparently DSO support, which is  
built into OpenSSL 0.9.8 on Snow Leopard => we have the option of  
dropping OpenSSL, IMHO.

What do you think should be put into "SCB" (Maybe instead "OpenSC  
installer for OS X" ?)?

On one hand, it could be as slim and clean as possible. On the other  
hand it could be a feature-rich package of ready to use applications  
bundled into it.

For a OS X installer I would hope to see some end-user friendly stuff  
in it, meaning things with a GUI or things that patch only system  
components (like PKCS#11 and Tokend) for GUI applications. For a "way  
to install all the nice pieces of unix software if you're a unix guy"  
I would actually prefer to have a fink/macports solution.

It could be compared with FUSE and MacFUSE and MacFUSE provides the  
SSHFS components (like SCB currently includes a custom SSH version)


Cheers,
--
Martin Paljak
http://martin.paljak.pri.ee
+372.515.6495




_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: OpenSC on smartcardservices.macosforge.org? (Re: SCA for Snow Leopard)

Ludovic Rousseau
2009/10/2 Martin Paljak <[hidden email]>:

> Bonjour,
>
> On 02.10.2009, at 13:45, Ludovic Rousseau wrote:
>
>> Hello,
>>
>> 2009/10/2 Martin Paljak <[hidden email]>:
>>>
>>> Maybe we should try
>>> working with apple to get libopensc and the tokend to be included in OSX?
>>>  http://smartcardservices.macosforge.org/ leaves me the impression that
>>> maybe, just maybe, apple is also interested in working  *with* the open
>>> source community and not just publish the source they use and hope that
>>> somebody fixes the bugs they introduce? Given the fact that OpenSC
>>> supports
>>> many European eID cards there is a good reason why to treat OpenSC.tokend
>>> on
>>> a par with PIV/CAC tokend-s, except unlike PIV is not of interest to the
>>> US
>>> federal buyers.
>>
>> I am one of the team members [1] of the SmartCardServices project on
>> MacOSForge.org
>
> Seen that, but it does not state your relation to it. Are you on the payroll
> of Apple in some ways and responsible for pcsc-lite/ccid stack or as an
> external maintainer?

I am not on Apple payroll. Just an external maintainer with an
interest in a working PC/SC layer on Mac OS X.

>> Once "we" have decided if we want to go this way we should ask Shawn
>> Geddis (from Apple and also member of the SmartCardServices project)
>> what he thinks about the idea.
>
> I've touched the topic in a private mailing but never got a reply.

Shawn is sometimes _very_ slow to answer.

> It would anyway cover either only static OpenSC.tokend or maybe
> libopensc+OpenSC.tokend. But until that happens, what, why and how should we
> put into our own installer?
> The reason for a custom OpenSSL was apparently DSO support, which is built
> into OpenSSL 0.9.8 on Snow Leopard => we have the option of dropping
> OpenSSL, IMHO.

The idea to put (part of) OpenSC on the SmartCardServices project is
to have it included in a future version of Mac OS X. So no installer
is needed, it is installed with the operating system.

> What do you think should be put into "SCB" (Maybe instead "OpenSC installer
> for OS X" ?)?
>
> On one hand, it could be as slim and clean as possible. On the other hand it
> could be a feature-rich package of ready to use applications bundled into
> it.
>
> For a OS X installer I would hope to see some end-user friendly stuff in it,
> meaning things with a GUI or things that patch only system components (like
> PKCS#11 and Tokend) for GUI applications. For a "way to install all the nice
> pieces of unix software if you're a unix guy" I would actually prefer to
> have a fink/macports solution.

I think SmartCardServices is not the right place for a feature rich package.
We should continue to host such a package on opensc.org

Regards,

--
 Dr. Ludovic Rousseau
_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: OpenSC on smartcardservices.macosforge.org? (Re: SCA for Snow Leopard)

JP Szikora-2
In reply to this post by Martin Paljak-2

Le 02-oct.-09 à 14:42, Martin Paljak a écrit :

> The reason for a custom OpenSSL was apparently DSO support, which is
> built into OpenSSL 0.9.8 on Snow Leopard => we have the option of
> dropping OpenSSL, IMHO.
>

Hi Martin,

You're right. I've recompiled engine and linked with the natively  
installed libcrypto, and I'm able to create a self-signed certificate  
using a private key stored on a smartcard. Makefile-SL updated.

Thanks,

Jean-Pierre
_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-devel