<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Henrik,<div class=""><br class=""></div><div class="">You could write a basic TokenD then which just populates one item as a Key which would be set to the value you get from the ID of that tag. Then Your Apps could use that Key (Tag ID). Keep in mind Tim’s comments if you think about taking this beyond tinkering.</div><div class=""><br class=""><div apple-content-edited="true" class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><span class="Apple-style-span" style="border-collapse: separate; font-variant: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; border-spacing: 0px; -webkit-text-stroke-width: 0px;"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><font face="Helvetica" style="color: rgb(0, 0, 0);" class=""><span style="font-size: 12px;" class="">- Shawn<br class="">_____________________________________________________________________<br class="">Shawn Geddis<span class="Apple-tab-span" style="white-space: pre;">                                </span> <span class="Apple-tab-span" style="white-space: pre;">                        </span> </span></font><font face="Helvetica" class=""><span style="font-size: 12px;" class="">geddis at {Mac | Me | iCloud}.com</span></font><font face="Helvetica" style="color: rgb(0, 0, 0);" class=""><span style="font-size: 12px;" class=""><br class=""></span></font><span style="orphans: auto; widows: auto;" class="">Security and Certifications Engineer</span><font face="Helvetica" style="color: rgb(0, 0, 0);" class=""><span style="font-size: 12px;" class="">, Apple geddis at <a href="http://apple.com" class="">apple.com</a><br class=""><br class="">Smart Card Services<span class="Apple-converted-space"> </span> Project/Dev Lead: <br class=""><span class="Apple-tab-span" style="white-space: pre;">                                </span>Project Wiki:<span class="Apple-tab-span" style="white-space: pre;">                </span> [<a href="http://SmartCardServices.MacOSFforge.Org" class="">SmartCardServices.MacOSFforge.Org</a>]<br class=""><span class="Apple-tab-span" style="white-space: pre;">                                </span>Mailing Lists:<span class="Apple-tab-span" style="white-space: pre;">                </span> [<a href="http://lists.macosforge.org/mailman/listinfo" class="">Lists.MacOSForge.Org/mailman/listinfo</a>]</span></font></div><div style="color: rgb(0, 0, 0); word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><font face="Helvetica" class=""><span style="font-size: 12px;" class=""><span class="Apple-tab-span" style="white-space: pre;">                                </span>SCS Contact:<span class="Apple-tab-span" style="white-space: pre;">                                </span> [<a href="mailto:scs-cotact@macosforge.org" class="">scs-cotact@macosforge.org</a>]</span></font></div><div style="color: rgb(0, 0, 0); word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><font face="Helvetica" class=""><span style="font-size: 12px;" class=""><span class="Apple-tab-span" style="white-space: pre;">                                </span>SCS Admin:<span class="Apple-tab-span" style="white-space: pre;">                                </span> [<a href="mailto:scs-admin@macosforge.org" class="">scs-admin@macosforge.org</a>]</span></font></div><div style="color: rgb(0, 0, 0); word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><font face="Helvetica" class=""><span style="font-size: 12px;" class="">_____________________________________________________________________</span></font><br class=""></div></span></div></div></div></div></div></div></div></div></div>
</div>
<br class=""><blockquote type="cite" class="">On Feb 2, 2015, at 12:16 PM, Henrik Brautaset Aronsen <<a href="mailto:henrik@synth.no" class="">henrik@synth.no</a>> wrote:<br class=""><br class="">On 02 Feb 2015, at 21:05, Miller, Timothy J. <<a href="mailto:tmiller@mitre.org" class="">tmiller@mitre.org</a>> wrote:<br class=""><blockquote type="cite" class=""><br class="">I don't see anything in the NTAG data sheet that leads me to believe that a login solution based on it would be secure against eavesdropping, cloning, and replay attacks. We used to call these "barking bar codes" and for security sensitive operations (such as authentication) they are not safe.<br class=""><br class="">If you're OK with that, well, it's your headache not mine. But I'd never buy one.<br class=""><br class="">Password ACLs controlling memory write operations is not the same as what happens in a smart card. For secure use, you need--at a minimum--an IC capable of computing a response to a challenge. Ideally you do this by performing a cryptographic operation using a secret unique to the IC. In NXP's offerings (quickly poking around their offerings), that probably puts you in the SmartMX line, but you'd need a platform that integrates that IC with and NFC controller (e.g., NXP's PT501)--something like the NXP MIFARE platform.<br class=""></blockquote><br class="">Hi Timothy,<br class=""><br class="">Thanks for the input! I'm totally OK with the security implications. I'm not doing this for a commercial product, it's merely a hobby project of mine. If I could get it to just check the NFC ID, that would be perfect.<br class=""><br class="">Cheers,<br class="">Henrik<br class=""></blockquote><br class=""></div></body></html>