[SmartcardServices-Dev] what's the focus of the SmartcardServices project?
Shawn A. Geddis
geddis at apple.com
Mon Mar 23 04:56:27 PDT 2009
On Mar 17, 2009, at 5:08 AM, Folkert Saathoff wrote:
> Hello List,
> glad to see things are going forward again with smartcard
> integration on Mac OS X.
>
> I'm a bit confused though about the focus of the project (please
> excuse my ignorance, I'm reading up on it as we speak :)
> I'm mostly interested in home/personal use of USB Smartcards (eg
> Aladdin eTokenPRO), not necessarily for login authentication, but
> rather as a secure place to store ssh keys etc. Thus, i'm looking
> for a way to provision (if that's the right term) cards on Mac OS X,
> preferably using open source middleware. Right now, it seems that
> the OpenSC project should be the best place to look for that. But
> I'm wondering, is anybody on the list interested in (and in a
> position to contribute to) this kind of thing? Or are people mainly
> concerned with making enterprise stuff like CAC and PIV work
> correctly?
>
> thnx/ cheers
> Folkert Saathoff
Folkert,
Welcome to the List / Project and I hope we can be of assistance to you.
This Project has a very ambitious goal of enhancing all things "Token"
related with Mac OS X in an interactive and open source community.
Apple has been doing a fair amount of work internally and with some
external individuals, but we really wanted to take this to the next
level. For that, we felt a good way to engage all of the appropriate
entities in this space while providing a high level of transparency is
to bring everyone together with this MacOSForge Project.
We have pulled together all of the appropriate open source code
previously available via http://www.opensource.apple.com/
darwinsource/ which makes up the SmartCardServices. We already have
a few sub-proejcts that will be added which will provide key
capability that did not previously exist. One such sub-project is a
"PKCS#11 Shim" which is built on top of CDSA and fully leverages the
built-in SmartCardServices without inflicting a problem of arbitration
as is the case with competing PKCS#11 Library and Tokend environments
right now.
The capability of a Tokend on Mac OS X fully allows for complete
provisioning, personalization, administration, etc. of a supported
Smart Card. A "Tokend" is an abstraction for any kind of security
token. The currently shipped tokend modules were originally developed
to support PKI-based Smart Cards already issued (i.e.
CAC,PIV,BELPIC,JPKI). We want this project to take that further and
work to providing a set of APIs / Services that extend to what you are
asking for and what is needed for future concepts. There is much in
our minds as to what can be done if we all work together.
You are more than welcome to participate or select the environments of
choice, but we hope you consider working with us here to further our
work and meeting your current and future needs as well.
__________________________________________________
Shawn Geddis geddis at mac.com
Security Consulting Engineer
MacOSForge Project Lead: Smart Card Services
Web: http://smartcardservices.macosforge.org/
Lists: http://lists.macosforge.org/mailman/listinfo
__________________________________________________
More information about the SmartcardServices-Dev
mailing list