Hi Ken,
After testing a few products and looking into this area in more detail I do
think the IKey is the best value around. I'm still waiting to find out if
the towitoko sign and crypt pack will do the job
http://www.towitoko.com/deutsch/eng/prp.htm
I will take your word for it on the ibutton. It did strike me as odd a semi
conductor company was making this. The licence thing is really bizzare. What
happens to your private key when the licence runs out? I really liked the
jewlery concept though.
Thanks, Oliver
----- Original Message -----
From: "Kenneth R. Robinette" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, April 25, 2001 1:30 AM
Subject: Re: Smart Card Readers
> From: "Oliver Bode" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: Re: Smart Card Readers
> Date sent: Wed, 25 Apr 2001 01:17:18 +1000
> Send reply to: [EMAIL PROTECTED]
>
> Oliver
>
> You should forget that the Java iButton even exists. I wish I had. It
> has a lot of problems, such as a very slow transfer rate (about 150-
> 300 characters per second), has serious problems with USB
> delivery, is very slow (takes about 7 minutes to generate a 1024 bit
> RSA key onboard), is only about 2% PKCS-11 compliant, and on
> and on and on. I would only recommend the Java iButton to my
> worst enemies, and even then I would think long and hard before
> doing so.
>
> Ken
>
>
> Hello Maxime,
>
> You can find out more about the pkcs11 standard here:
> http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/
>
> When Smart Card manufacturers say their cards are PKCS11 compliant,
correct
> me if I'm wrong, I take this to mean that the card is designed for x509
> certificates and it has the ability to generate keys securely on the
token.
> There are ways you can call this function from Netscape and MSIE. After
keys
> are generated on the token the certificate request/public componant is
sent
> to the CA for signing. You can use openssl to sign the certificate request
> and convert the signed request into a structure that can then be installed
> back on to the smartcard - the signed certificate and root certificate
etc.
> You can also import pkcs12 files onto pkcs11 compliant smart cards using
> Netscape.
>
> On another note I am able to answer my own question on the ibutton. You
> can't buy it, the token is licenced to you on an annual basis. Which to me
> sounds problematic as I don't know what happens if you stop paying them.
>
> Bye, Oliver
>
>
>
> ----- Original Message -----
> From: "Maxime Dubois" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, April 07, 2001 8:06 PM
> Subject: Re: Smart Card Readers
>
>
> > Hi,
> >
> > How do you work with openssl and PKCS11 SmartCard readers?
> > Can we export a a PKCS11 certificate with the command line tool?
> > I can only see a pkcs12 command.
> >
> > Thanks
> > Regards
> >
> > Maxime DUBOIS
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
> __________________________________________________
> Support
> InterSoft International, Inc.
> Voice: 888-823-1541, International 281-398-7060
> Fax: 888-823-1542, International 281-560-9170
> [EMAIL PROTECTED]
> http://www.securenetterm.com
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
