OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
RE: [Muscle] Networking Smart Cards

From: Scott Guthery (sgutherymobile-mind.com)
Date: Wed Apr 20 2005 - 08:57:33 CDT

1) Use TLP-224. Works fine over the Internet and many card terminals speak it.
2) Put an IP stack on the card. Internet Drafts are already in place and ICANN numbers allocated for smart card ports and smart card IP protocol.
 
Cheers, Scott

        -----Original Message-----
        From: muscle-bounceslists.musclecard.com on behalf of Simon Richter
        Sent: Wed 4/20/2005 4:54 AM
        To: MUSCLE
        Cc: opensc-useropensc.org
        Subject: Re: [Muscle] Networking Smart Cards
        
        

        Hi,
        
        Peter Åstrand schrieb:
        
> I'm trying to find a solution for "networking" smart cards. The context
> is thin clients, say LTSP (www.ltsp.org). Smart card readers connected
> to the client should be usable from the terminal server. I know that
> protocols such as RDP supports smart card redirection, but I'd like to
> have a standalone solution, running over a simple TCP connection.
        
        I have something in the works for that: I plan to write a generic
        resource forwarding framework which would ultimately also be able to
        forward smartcards (which need special handling for local PIN entry).
        I'm going to use X11's ICE as a transport protocol in the beginning, as
        I don't need to care about authentication then -- simply start the
        program that exports the reader as root, have it open the reader and
        drop privileges, then open a window and announce "If you need a smart
        card reader, talk to the owner of this window" in the window properties.
        
        This way, I only need to care about trusted vs. untrusted X11 clients
        (which is trivial) instead of finding out who is connected to the local
        terminal etc., and I get ssh forwarding for free.
        
        The project is not very far yet. I am basically experimenting with ICE,
        as I have never used it before. I expect to have some proof-of-concept
        forwarding code for some simple device in about two weeks.
        
           Simon
        
        

_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle