Anders Rundgren wrote: > Q: Why use smart cards? > A: Because they are conveniant. Wrong answer; issuers don't care about > end-users, they care about protecting their business and enforcing their > policy.
E.g. (corporate) CAs do care about end-users. Otherwise costs in the helpdesk are rising. > Q: How can an issuer know that the end-user is actually using a smart card? > A: It cannot, smart cards were never designed for "open" on-line provision. It all depends on the smartcard software and how it interacts with the enrollment software. > Q: Can you host a multitude of keys in a smart card? > A: No, smart cards are typically designed for a single provider. Nonsense! > Q: Can you buy a card from anywhere and start provisioning it? > A: Yes, if you are expert, otherwise not. We often debated that cert enrollment itself is complicated even if just using a file-based key store. But nobody came up with a really good idea how to solve that issue. Please, don't raise the Skype-is-so-wonderful discussion again. Ciao, Michael. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
