[KEYPROV] "Dumbed down" smart cards - Tokens of the future
Anders Rundgren <anders.rundgren@telia.com> Mon, 06 September 2010 20:35 UTC
Return-Path: <anders.rundgren@telia.com>
X-Original-To: keyprov@core3.amsl.com
Delivered-To: keyprov@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C651C3A694E for <keyprov@core3.amsl.com>; Mon, 6 Sep 2010 13:35:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.258
X-Spam-Level:
X-Spam-Status: No, score=-0.258 tagged_above=-999 required=5 tests=[AWL=-0.609, BAYES_50=0.001, HELO_EQ_SE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id evl2AsBbhywq for <keyprov@core3.amsl.com>; Mon, 6 Sep 2010 13:35:40 -0700 (PDT)
Received: from mail.primekey.se (walter.primekey.se [195.149.137.136]) by core3.amsl.com (Postfix) with ESMTP id ADD843A6997 for <keyprov@ietf.org>; Mon, 6 Sep 2010 13:35:35 -0700 (PDT)
Received: from [127.0.0.1] (localhost [127.0.0.1]) by mail.primekey.se (Postfix) with ESMTP id B8102C3E9A; Mon, 6 Sep 2010 22:35:59 +0200 (CEST)
Message-ID: <4C8550AF.7020802@telia.com>
Date: Mon, 06 Sep 2010 22:35:59 +0200
From: Anders Rundgren <anders.rundgren@telia.com>
User-Agent: Thunderbird 2.0.0.23 (X11/20090817)
MIME-Version: 1.0
To: KEYPROV <keyprov@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [KEYPROV] "Dumbed down" smart cards - Tokens of the future
X-BeenThere: keyprov@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Provisioning of Symmetric Keys \(keyprov\)" <keyprov.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyprov>
List-Post: <mailto:keyprov@ietf.org>
List-Help: <mailto:keyprov-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Sep 2010 20:35:43 -0000
In the mid 90'ties "client-server" was on the top of the Gartner hype curve. A decade later the reality had replaced this vision with the new version of the "dumb terminal", the web browser. What's strange is that the smart card industry not only clings to the generally flopped "client server" paradigm but also tries to expand it by making cards behave like web servers. For authentication on the Internet you only need something really simple like a sub-sub-set of PKCS #11 which with no effort at all could be defined as a peripheral with a fixed interface which fits the dumb terminal concept as a glove. The biggest change is that "dumb tokens" can be supported directly by platform vendors since the latter can reach all compliant ("moron") devices with a single and quite simple driver. Unlike its smarter cousin, the "dumb token" has built-in support for swift and secure provisioning directly from a web browser. It does not need any formatting or initialization either since it only deals with cryptographic objects rather than with applications or files. Anders
- [KEYPROV] "Dumbed down" smart cards - Tokens of t… Anders Rundgren