[SmartcardServices-Dev] what's the focus of the SmartcardServices project?

Shawn A. Geddis geddis at apple.com
Mon Mar 23 04:56:27 PDT 2009 

On Mar 17, 2009, at 5:08 AM, Folkert Saathoff wrote:
> Hello List,
> glad to see things are going forward again with smartcard  
> integration on Mac OS X.
>
> I'm a bit confused though about the focus of the project (please  
> excuse my ignorance, I'm reading up on it as we speak :)
> I'm mostly interested in home/personal use of USB Smartcards (eg  
> Aladdin eTokenPRO), not necessarily for login authentication, but  
> rather as a secure place to store ssh keys etc. Thus, i'm looking  
> for a way to provision (if that's the right term) cards on Mac OS X,  
> preferably using open source middleware. Right now, it seems that  
> the OpenSC project should be the best place to look for that. But  
> I'm wondering, is anybody on the list interested in (and in a  
> position to contribute to) this kind of thing? Or are people mainly  
> concerned with making enterprise stuff like CAC and PIV work  
> correctly?
>
> thnx/ cheers
> Folkert Saathoff

Folkert,

Welcome to the List / Project and I hope we can be of assistance to you.

This Project has a very ambitious goal of enhancing all things "Token"  
related with Mac OS X in an interactive and open source community.   
Apple has been doing a fair amount of work internally and with some  
external individuals, but we really wanted to take this to the next  
level.  For that, we felt a good way to engage all of the appropriate  
entities in this space while providing a high level of transparency is  
to bring everyone together with this MacOSForge Project.

We have pulled together all of the appropriate open source code  
previously available via http://www.opensource.apple.com/ 
darwinsource/  which makes up the SmartCardServices.  We already have  
a few sub-proejcts that will be added which will provide key  
capability that did not previously exist.  One such sub-project is a  
"PKCS#11 Shim" which is built on top of CDSA and fully leverages the  
built-in SmartCardServices without inflicting a problem of arbitration  
as is the case with competing PKCS#11 Library and Tokend environments  
right now.

The capability of a Tokend on Mac OS X fully allows for complete  
provisioning, personalization, administration, etc. of a supported  
Smart Card.  A "Tokend" is an abstraction for any kind of security  
token. The currently shipped tokend modules were originally developed  
to support PKI-based Smart Cards already issued (i.e.  
CAC,PIV,BELPIC,JPKI).  We want this project to take that further and  
work to providing a set of APIs / Services that extend to what you are  
asking for and what is needed for future concepts.  There is much in  
our minds as to what can be done if we all work together.

You are more than welcome to participate or select the environments of  
choice, but we hope you consider working with us here to further our  
work and meeting your current and future needs as well.

__________________________________________________
Shawn Geddis				  			   geddis at mac.com
Security Consulting Engineer

MacOSForge Project Lead:                           Smart Card Services
	Web:	http://smartcardservices.macosforge.org/
	Lists:	http://lists.macosforge.org/mailman/listinfo
__________________________________________________

More information about the SmartcardServices-Dev mailing list