Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
RE: [Muscle] No padding with CCID pinpad readers?
From: Peter Williams (home_pwmsn.com)
Date: Mon Dec 04 2006 - 21:12:47 CST
using a smartcard to create an EAP token, that does a remote logon to a windows host is pretty stable in XP.
It was the RDP case (with a MSFT XP RDP Client, using MSFT PC/SC client side, and client-side CCID reader device) that is still confounding me. Im hoping it got solved in vista.
On another topic, I need some vocabulary help.
We need to learn to distinguish "FIPS 201" _approval_ of a "Cryptographic Module"
>From HSPD-12 _compliance_ of an "HSM", bearing a cryptographic module.
I assume the design of the cryptoboundary of the crptographic module is FIPS 140-2 "certified" and the device can still be operationally in either "FIPS mode", or not.
One assume FIPS 201 approval tested the CM when it was operating in FIPS mode. But, is the absence of non-FIPS mode NECESSARY for FIPS 201 approval?
With HSPD covering HSM, and 201 covering CMs, and 1401-2 encompassing both boundaries, this is a linguistic mess.
SafeNet K3 card for Luna HSMs receives FIPS 201 approval for cryptographic modules
Certification makes Luna HSMs first to become HSPD-12 compliant
October 19, 2006 – SafeNet, Inc., has announced that the company’s K3 card has received Federal Information Processing Standard (FIPS) 201 certification for cryptographic modules. The K3 card, a component in SafeNet’s Luna Hardware Security Modules (HSMs), is the first cryptographic module certified for FIPS 201, making it the first HSM to be certified Homeland Security Presidential Directive-12 (HSPD-12) compliant. HSPD-12 is an executive mandate requiring that all federal employees and contractors use a smartcard
> Date: Mon, 4 Dec 2006 14:17:41 -0600> From: deengertanl.gov> To: musclelists.musclecard.com> Subject: Re: [Muscle] No padding with CCID pinpad readers?> > > > Peter Williams wrote:> > not responding to the query, but speaking of CCID given the vista release...> > > > anyone know if the CCID reader attached to the host machine of the _client's_ remote desktop session (the RDP5 protocol) can now be attached to the remote process?> > > > This scenario was possible for XP, when the reader was serial but not CCID/USB.> > Maybe I did not understand your configuration, but I have used as CCID/USB reader at home to> login to a computer at work and have used a PCMCIA reader in a laptop to login to a computer> at work. All XP pro.> > > > > > > The fun part of this, for PCSC dev., is that one has to decide how the "two" host controller state machines collaborate, given either could demand exclusive control on behalf of its particular API consumer.> > > > > > > > > >>From: stef.hoebenzetes.com> To: musclelists.musclecard.com> Date: Mon, 4 Dec 2006 17:23:14 +0100> Subject: [Muscle] No padding with CCID pinpad readers?> > Hi,> > we have a card that uses unpadded pin buffers> (e.g. 00 22 00 02 04 31 32 33 34 for a verify PIN)> > Looking at the CCID specs, could it be true that> there's no support for this?> > (Sorry if asked before...)> > Thanks,> Stef> _______________________________________________> Muscle mailing list> Musclelists.musclecard.com> http://lists.drizzle.com/mailman/listinfo/muscle> > > > _________________________________________________________________> > All-in-one security and maintenance for your PC. Get a free 90-day trial!> > http://www.windowsonecare.com/purchase/trial.aspx?sc_cid=wl_wlmail> > > > > > ------------------------------------------------------------------------> > > > _______________________________________________> > Muscle mailing list> > Musclelists.musclecard.com> > http://lists.drizzle.com/mailman/listinfo/muscle> > -- > > Douglas E. Engert <DEEngertanl.gov>> Argonne National Laboratory> 9700 South Cass Avenue> Argonne, Illinois 60439> (630) 252-5444> _______________________________________________> Muscle mailing list> Musclelists.musclecard.com> http://lists.drizzle.com/mailman/listinfo/muscle
Express yourself with gadgets on Windows Live Spaces
Muscle mailing list