Nick,

As you probably already know, there are a number of standards out there for smart card integration. You may want to start by taking a look at the PC/SC implementation for Windows as it is documented in the MS Platform DDK and SDK CDs. Some time back, Microsoft chose the PC/SC specification (still in version 1.0) to handle smart card and smart card reader integration into their OSes, and is a member of the PC/SC Workgroup that is working on the next version of the standard (www.pcscworkgroup.com).

One stumbling block I can see (given your bias towards Linux) may be that there has been little effort to port the specification to Linux. Certainly, Microsoft is NOT a member of the OpenCard consortium, and (to my knowledge) there is no plan to make them so. That said, a number of smart card vendors ARE members of both groups...

Gary McIntyre
 
  ----- Original Message -----
  From: Nicholas Schuetz
  To: FOCUS-MSSECURITYFOCUS.COM
  Sent: Wednesday, April 11, 2001 1:14 PM
  Subject: Re: Windows 2000 smartcard login

  Thank you for your reply but I am afraid you do not understand my question. Allow me to rephrase it. What I meant to ask is what application and or applet needs to go on the Smart Card itself. What card(s) and from what manufacturer need to be used? I want to know what is the actual application or applet needed for the Smart Card Login in Window$ 2000 Profe$$ional? Where can I get it? What is the code for that application or applet? What does Window$ want from the Smart Card for this authentication?

  Smart Cards:

  When you order or buy a Smart Card from a Smart Card vendor it comes to you with the OS installed on it and that's it (In some rare cases not even that). The Smart Card IC is like a very small computer. They have CPU's w/ cryptocoprocessors, ROM, RAM and EEPROM as a part of their design. The commands used for communicating to the cards are called APDU's. You send these APDU's via a software interface (www.linuxnet.com or www.opencard.org) to the Smart Card Reader/Terminal with the Smart Card inserted in it. The Smart Card then replies to you with a response code (SW1SW2) and your requested data...

  ....Go to www.linuxnet.com or www.opencard.org for more info on Smart Card development.

  Nick

  -----Original Message-----
  From: Focus on Microsoft Mailing List [mailto:FOCUS-MSSECURITYFOCUS.COM]On Behalf Of Kurt Seifried
  Sent: Monday, April 09, 2001 4:10 PM
  To: FOCUS-MSSECURITYFOCUS.COM
  Subject: Re: Windows 2000 smartcard login

  Ok there are three things usually you get when you buy a smartcard usually:

  The smartcard itself, the good ones have onboard memory, cryptographic components and an RNG, the cert is born on the card, lives on the card and dies on the card. As far as I know you cannot buy the "software" on the chips/etc on the smartcard seperately.

  The smartcard reader, nothing to interesting here unless it's something like leapfrog's with a fingerprint scanner built in.

  The application software for you PC, i.e. tools to access the card, have it create a new cert, delete old ones, test the card, etc.

  Then you also need applications that know what to do with it (such as MSIE, Outlook, etc.).

  Also you typically do not buy the cards from MS (for that matter do they sell them at all?), you go to a vendor like CryptoCard.

  Kurt Seifried, seifriedsecurityportal.com
  Securityportal - your focal point for security on the 'net

  ----- Original Message -----

  From: Hellaenergy

  To: FOCUS-MSSECURITYFOCUS.COM

  Sent: Friday, April 06, 2001 1:01 PM

  Subject: Windows 2000 smartcard login

  Does anyone out there have the smartcard application that needs to be used to log on with a smartcard in Win2000? I have searched the Windows website up and down and found nothing regarding the actual code for this task. I want the actual smartcard application that goes on the card. I DO NOT a way to BUY the card from Micro$oft.

  Thanks

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]