Spyrus Cards with OpenSc

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Spyrus Cards with OpenSc

Tim Brennan
I've searched the archives and read the page in the (new) wiki, so I understand they aren't on the 'supported' list or even in the "we've tried looking at them" list -- but I want to know if anyone out there has spent any time looking at supporting any of the Spyrus cards with opensc.  They're easily available and well supported by a lot of people in the Windows world.  Has anyone looked at these and decided it was just not possible to support them on Linux for some reason, or is it just a case of nobody getting around to it?  Has anyone ever tried contacting them or working with Spyrus?

To give a little more detail, I have a customer who's pretty insistent that we support a FIPS certified card from a 'trusted' manufacturer, and they expressed an initial preference for the Spyrus cards.  So beyond info about the Spyrus cards, I'd be happy for any suggestions the group might have for other cards that fit this description -- I've gone through the list on the Wiki and there doesn't seem to be a great option.

Thanks so much,

--tim


------------------------------------------------------------------------------
November Webinars for C, C++, Fortran Developers
Accelerate application performance with scalable programming models. Explore
techniques for threading, error checking, porting, and tuning. Get the most
from the latest Intel processors and coprocessors. See abstracts and register
http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Spyrus Cards with OpenSc

Douglas E. Engert


On 11/8/2013 3:02 PM, Tim Brennan wrote:
> I've searched the archives and read the page in the (new) wiki, so I understand they aren't on the 'supported' list or even in the "we've tried looking at them" list -- but I want to know if anyone
> out there has spent any time looking at supporting any of the Spyrus cards with opensc.  They're easily available and well supported by a lot of people in the Windows world.  Has anyone looked at
> these and decided it was just not possible to support them on Linux for some reason, or is it just a case of nobody getting around to it?  Has anyone ever tried contacting them or working with Spyrus?
>
> To give a little more detail, I have a customer who's pretty insistent that we support a FIPS certified card from a 'trusted' manufacturer, and they expressed an initial preference for the Spyrus
> cards.  So beyond info about the Spyrus cards, I'd be happy for any suggestions the group might have for other cards that fit this description -- I've gone through the list on the Wiki and there
> doesn't seem to be a great option.

If you want a FIPS certified card from a 'trusted' manufacturer, check out PIV/HSPD-12/FIPS-201 cards,
available from multiple vendors.

Windows 7 has Microsoft PIV drivers.

OpenSC supports the PIV cards on Linux, Mac, Windows.

http://csrc.nist.gov/publications/fips/fips201-1/FIPS-201-1-chng1.pdf

Not with the FED GOV?

PIV-C is a way of using PIV cards with your own CA, Client code is the same,
just different CAs.

A minimal card has one key, one cert and one additional object, a CHUID.
This can be used for smart card login or WEB browsing.
Add a signing key and cert and an encryption key and cert
and you can od encrypted e-mail.

Approved card, readers, CMS, middleware:
http://fips201ep.cio.gov/apl.php

Google for Card Management Systems.

PIV Client API is published NIST 800-73:
http://csrc.nist.gov/publications/PubsSPs.html



>
> Thanks so much,
>
> --tim
>
>
>
> ------------------------------------------------------------------------------
> November Webinars for C, C++, Fortran Developers
> Accelerate application performance with scalable programming models. Explore
> techniques for threading, error checking, porting, and tuning. Get the most
> from the latest Intel processors and coprocessors. See abstracts and register
> http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> Opensc-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444

------------------------------------------------------------------------------
November Webinars for C, C++, Fortran Developers
Accelerate application performance with scalable programming models. Explore
techniques for threading, error checking, porting, and tuning. Get the most
from the latest Intel processors and coprocessors. See abstracts and register
http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel