Michael Ströder wrote, On 2008-11-27 06:02:
> Anders Rundgren wrote:
>>  >> So what is then real problem?
>>  >> 1. The European Smart Card industry who do not want to become suppliers
>>  >> of commodities.
>>
>>  >???
>>  >Each time I talked to smartcard vendors they were keen on selling their
>>  >stuff. The more the better.
>>  
>> You mean there is a standard blank smartcard that you can buy from 
>> multiple vendors that works right-out-of-the-box in most computer 
>> systems?   Using what kind of standard personalization software?
> 
> Different vendors have different smartcards but you can use them from 
> different applications through PKCS#11 and CAPI/CSP. The software 
> quality differs.
> 
> You claimed that banks do not use PKI with smartcards for authc because 
> there's nothing available. I don't think so. The banks do not want to 
> get involved with supporting software/hardware installed at the user's 
> PC. You should look at the HBCI history.

I recently had lunch with a Swiss banking executive whose bank now
supports two different USB hardware PKI token gizmos for authentication.
As I recall, one is distributed and supported by the Swiss post office.
The bank seems quite happy to support the devices, given that the bank
is not the sole service to use it, and therefore does not bear the sole
support burden.

I have contacts in the former Soviet Union who claim that Russian banks
now routinely require PKI hardware for authentication as a condition of
online banking.

How sad that I live is a nation that is such a technological back-water. :)
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to