On Mon, Sep 17, 2007 at 12:57:49AM -0700, Mark Cohen wrote:
> The bigger problem is buying working supported
smsrtcards
We're using Aladdin eTokens. The ones marked with 4.2B does
NOT work
as we tested them, and older versions are not available by
now.
The latest recent OpenSC release had some comments about
this, but
I had no time to test them now. Though, I already had my
morning
coffee, and i can grab one of those newer cards for you to
check it out 
But it's best to use older cards, since they are working
better.
Note: we are using usb-tokens. these are reader+card
built-together
forms.
>
> -Mark
>
> Sent from my iPhone
>
> On Sep 17, 2007, at 12:52 AM, Gergely CZUCZY
<phoemix harmless.hu> wrote:
>
> >Hello,
> >
> >We're here at my other workplace are using
smartcards for web auth.
> >This works over the pkcs11 interface provided by
opensc. The browser
> >uses the pkcs11 lib to handle the smarcard and
offers the cerd found there.
> >Currently only firefox supports this operation
under non-win32 platform.
> >
> >You need to have your client cert signed by the
server's CA, and at the
> >server side you will need to verify the client's
cert for the signiture.
> >If the web service is unable to find a good
signiture then it will refuse
> >the connection. From script you will be able to
access the client's cert's
> >data fields somehow.
> >
> >From apache+php this is done throught env vars
iirc. Pound[1] exports these
> >data into headers, so this can work in many ways.
> >
> >[1] http://www.apsis.ch/pound/
> >
> >On Mon, Sep 17, 2007 at 12:46:25AM -0700, Mark
Cohen wrote:
> >> I'd like to get SmartCard login / web auth
working on my laptop. I've got
> >> a working reader (actually 2) and I need to
buy 1 or 2 (preferably 2)
> >> cards to use.
> >> They don't have to be fancy, just basic smart
cards that I can store
> >> PGP/SSH/SSL certs..
> >> Compatibility is the main concern here. It
appears that a lot of the newer
> >> cards don't work.
> >> Any help is very much appreciated.
> >> Thanks
> >>
> >> Mark Cohen
> >> [1]markcbinaryfaith.com
> >>
> >>References
> >>
> >> Visible links
> >> 1. mailto:markcbinaryfaith.com
> >
> >
> >
>
>>_______________________________________________
> >>opensc-user mailing list
> >>opensc-userlists.opensc-project.org
> >>http://www.opensc-project.org/mailman/listinfo/opensc-
user
> >
> >
> >Sincerely,
> >
> >Gergely Czuczy
> >mailto: gergely.czuczyharmless.hu
> >
> >--
> >Weenies test. Geniuses solve problems that arise.
Sincerely,
Gergely Czuczy
mailto: gergely.czuczyharmless.hu
--
Weenies test. Geniuses solve problems that arise.
_______________________________________________
opensc-user mailing list
opensc-userlists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-
user
|
