|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Muscle] Some questions about PKCS#15
From: Peter Tomlinson (pwt
iosis.co.uk)
Date: Wed Feb 09 2005 - 15:50:04 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Those GSM documents are prescriptive specifications, not standards like
7816, and they are supported by a mandatory product testing regime. That
is why they can and do result in interoperable products.
FINREAD, etc, are also specifications. Nobody is (yet) seriously
building to the FINREAD spec, but instead some are using parts of it as
a way to design payment terminals - but the FINREAD compliance is not
being tested. CEPS isn't being used - its too expensive to operate to
that spec, and transaction times are reported to be too long when
cross-border working is needed. eSign is a component spec loking for a
market, and not designed to fit into truly secure transaction methods.
eID isn't a spec yet; the best we have yet in this area is the OSCIE
Volume 3 IAS modelling exercise, and the eAuth CWA (due to be signed off
this Friday) doesn't take the technical material any further. ITSO is a
specification for interoperable transport ticketing, but its not
complete, not debugged, and there is no significant funding to support
it - but some parts of ITSO are tested and do deliver interoperability.
Peter
Scott Guthery wrote:
> The standards deliver interoperabilty. It is ignorning the standards
> that doesn't.
>
> The GSM SIM is based on enforced smart card standards and shows a
> very high level of interoperabilty ... and profitability, I might
> add. Without the SIM most card companies would have gone bust years
> ago.
>
> Europeans employ the canard about ISO/IEC 7816 being unbuildable to
> create a new European smart card standard about every six months
> (FINAID, CEPS, eSign, eID, ITSO, etc.) and none of these have proven
> any more interoperable that ISO/IEC 7816 so it can't be the
> standards. Maybe it has to do with compliance testing and
> enforcement?
>
> IMHO, as always.
>
> Cheers, Scott
>
> -----Original Message----- From: Nils Larsch
> [mailto:nils.larschcybertrust.com] Sent: Wed 2/9/2005 5:53 AM To:
> MUSCLE Cc: Subject: Re: [Muscle] Some questions about PKCS#15
>
> Peter Tomlinson wrote: ... > Sadly, in the smart card world the
> standards do not deliver > interoperability, but instead enable
> suppliers to compete in the market > for closed schemes. well closed
> schemes are more profitable, you can sell the smartcards _and_ the
> software necessary to use them ... Nils
> _______________________________________________ Muscle mailing list
> Musclelists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle
>
>
> _______________________________________________ Muscle mailing list
> Musclelists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle
>
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]