Hisham Aziz wrote:
phx.gbl"
type="cite">
I want to use some unique attribute of the eToken to
authenticate with the LDAP. Obviously I am talking outside the scope of
using and cryptographic objects such as certificate and keys. We want
this to be hardware specific, such as the eToken ID or the Smartcard ID
for that particular token. Just wondering if this is possible using the
PKCS11 library.
Thanks a lot please get back to me ASAP.
I don't think you want to authenticate
against the token, but to something on it, like a cert, so that you
validate access to the token, not just possesion of it.
If you are talking Linux logons you should be able to use free certs
from any provider, I think startcom has a tutorial on how to use their
certs for that.
If you are talking about windows active directory, StartCom provides
windows smartcard logon certs, they are free for the first few users
and very inexpensive after that. ;
|
lists.opensc-project.org