Hi,
On Wed, Nov 10 at 07:13, Paul Tansom wrote:
> Has anyone experimented with using a smart card and reader for authentication?
Way back in 2006 I was paid good money developing software using smart
cards for various ideas. I wonder if they succeeded in turning any of
the ideas into saleable patents?
Firstly carefully define what you want the card to do, ie exactly what
your requirements are.
Login authentication ?
Signature creation ?
Encryption ?
How many keys ?
Some cards are better at some tasks than others. The OpenPGP card for
example is great for signature generation but difficult to use for login
authentication. This may have changed as I see there is a OpenPGP v2
card with more keys and x509 support out there now.
At the time we needed a does everything card and ended up using Gemalto
Cryptoflex 32K cards.
For prototyping we used the SCM SCR-335 reader, a neat simple unit that
just worked.
--
Bob Dunlop
