From owner-freebsd-small@FreeBSD.ORG Mon Sep 20 11:02:21 2004 Return-Path: <owner-freebsd-small@FreeBSD.ORG> Delivered-To: freebsd-small@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE5E816A4E2 for <freebsd-small@freebsd.org>; Mon, 20 Sep 2004 11:02:21 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id A3A9143D2D for <freebsd-small@freebsd.org>; Mon, 20 Sep 2004 11:02:21 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (peter@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.11/8.12.11) with ESMTP id i8KB2L0q001495 for <freebsd-small@freebsd.org>; Mon, 20 Sep 2004 11:02:21 GMT (envelope-from owner-bugmaster@freebsd.org) Received: (from peter@localhost) by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i8KB2Jmp001489 for freebsd-small@freebsd.org; Mon, 20 Sep 2004 11:02:19 GMT (envelope-from owner-bugmaster@freebsd.org) Date: Mon, 20 Sep 2004 11:02:19 GMT Message-Id: <200409201102.i8KB2Jmp001489@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f From: FreeBSD bugmaster <bugmaster@freebsd.org> To: freebsd-small@FreeBSD.org Subject: Current problem reports assigned to you X-BeenThere: freebsd-small@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Dedicated and Embedded Systems <freebsd-small.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-small> List-Post: <mailto:freebsd-small@freebsd.org> List-Help: <mailto:freebsd-small-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=subscribe> X-List-Received-Date: Mon, 20 Sep 2004 11:02:21 -0000 Current FreeBSD problem reports Critical problems Serious problems Non-critical problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2000/01/04] misc/15876 small PicoBSD message of the day problems o [2001/06/18] misc/28255 small picobsd documentation still references ol o [2002/09/13] kern/42728 small many problems in src/usr.sbin/ppp/* afte o [2003/05/14] misc/52255 small picobsd build script fails under FreeBSD o [2003/05/14] misc/52256 small picobsd build script does not read in use 5 problems total. From owner-freebsd-small@FreeBSD.ORG Fri Sep 24 15:50:34 2004 Return-Path: <owner-freebsd-small@FreeBSD.ORG> Delivered-To: freebsd-small@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C6FCE16A504; Fri, 24 Sep 2004 15:50:34 +0000 (GMT) Received: from post5.inre.asu.edu (post5.inre.asu.edu [129.219.110.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id AFEB043D9A; Fri, 24 Sep 2004 15:50:20 +0000 (GMT) (envelope-from David.Bear@asu.edu) Received: from conversion.post5.inre.asu.edu by asu.edu (PMDF V6.1-1X6 #30769) id <0I4J00A01YHFCO@asu.edu>; Fri, 24 Sep 2004 08:46:27 -0700 (MST) Received: from smtp.asu.edu (smtp.asu.edu [129.219.110.107]) <0I4J009AQYHFSO@asu.edu>; Fri, 24 Sep 2004 08:46:27 -0700 (MST) Received: from moroni.pp.asu.edu (moroni.pp.asu.edu [129.219.69.200]) (8.12.10/8.12.10/asu_smtp_relay,nullclient,tcp_wrapped) with ESMTP id i8OFkP71011932; Fri, 24 Sep 2004 08:46:25 -0700 (MST) Received: by moroni.pp.asu.edu (Postfix, from userid 500) id 82E76E34; Fri, 24 Sep 2004 08:46:12 -0700 (MST) Received: from post1.inre.asu.edu (post1.inre.asu.edu [129.219.110.72]) by imap1.asu.edu (8.11.0/8.11.0/asu_cyrus,tcp_wrapped) with ESMTP id g2D2k1E16274 for <iddwb@IMAP1.ASU.EDU>; Tue, 12 Mar 2002 19:46:01 -0700 (MST) Received: from conversion.post1.inre.asu.edu by asu.edu (PMDF V6.1 #40110) david.bear@asu.edu) ; Tue, 12 Mar 2002 19:46:01 -0700 (MST) Received: from mx2.freebsd.org (mx2.FreeBSD.org [216.136.204.119]) by asu.edu (PMDF V6.1 #40110) with ESMTP id <0GSW0013250OYI@asu.edu> for iddwb@IMAP1.ASU.EDU (ORCPT david.bear@asu.edu); Tue, 12 Mar 2002 19:46:01 -0700 (MST) Received: from hub.freebsd.org (hub.FreeBSD.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id 675C255DB2; Tue, 12 Mar 2002 18:45:57 -0800 Received: by hub.freebsd.org (Postfix, from userid 538) id 3D14B37B41A; Tue, 12 Mar 2002 18:45:44 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with SMTP id 1E9912E8011; Tue, 12 Mar 2002 18:45:42 -0800 (PST) Received: by hub.freebsd.org (bulk_mailer v1.12); Tue, 12 Mar 2002 18:45:41 -0800 Received: from whizzo.transsys.com (whizzo.TransSys.COM [144.202.42.10]) by hub.freebsd.org (Postfix) with ESMTP id 588F537B404; Tue, 12 Mar 2002 18:45:38 -0800 (PST) Received: from whizzo.transsys.com (#6@localhost.transsys.com [127.0.0.1]) by whizzo.transsys.com (8.11.6/8.11.6) with ESMTP id g2D2jbY28875; Tue, 12 Mar 2002 21:45:37 -0500 From: "Louis A. Mamakos" <louie@TransSys.COM> In-reply-to: "Your message of Tue, 12 Mar 2002 17:33:18 EST." <3C8E822E.7070509@aurora.regenstrief.org> Sender: owner-freebsd-security@FreeBSD.ORG To: dwbear75@gmail.com Message-id: <200203130245.g2D2jbY28875@whizzo.transsys.com> MIME-version: 1.0 X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 Content-type: text/plain; charset=us-ascii Precedence: bulk X-Loop: FreeBSD.org Delivered-to: freebsd-security@freebsd.org Old-To: Gunther Schadow <gunther@aurora.regenstrief.org> X-Image-URL: http://www.transsys.com/louie/images/louie-mail.jpg Lines: 29 References: <3C8E822E.7070509@aurora.regenstrief.org> X-Keywords: cc: freebsd-security@FreeBSD.ORG cc: PicoBSD List <freebsd-small@FreeBSD.ORG> Subject: Re: Smartcard device support? X-BeenThere: freebsd-small@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Dedicated and Embedded Systems <freebsd-small.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-small> List-Post: <mailto:freebsd-small@freebsd.org> List-Help: <mailto:freebsd-small-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=subscribe> Date: Fri, 24 Sep 2004 15:50:35 -0000 X-Original-Date: Tue, 12 Mar 2002 21:45:37 -0500 X-List-Received-Date: Fri, 24 Sep 2004 15:50:35 -0000 > Hi, > > I'm wondering if it isn't time to roll out smart card use a bit more > aggressively. The question is: are any smart card devices useable > with FreeBSD? Let's say for enabling IPsec associations with racoon > (X509 cert on smartcard instead of a file on disk.) Only if smartcard > is in the box will the IPsec connection work. Of course my constraint > is cost of hardware. So is there any cheap stuff around? You should take a look at the Dallas Semiconductor Java iButton, which is a small Java smartcard like device in a package about the size of a button-battery. There's also an inexpensive reader dongle you can attach to a serial port to talk with it. The Java iButton can do RSA public key processing; in fact, with a suitably written application (in Java, of course), you can have the device generate a public/private keypair, hand you back the public key, and never expose the private key inside the tamper resistant device. Very cool. See http://www.ibutton.com/ for information. See also /usr/ports/comms/mlan3 for some low-level code used to talk to these types of "one-wire" devices. louie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-small@FreeBSD.ORG Fri Sep 24 15:50:35 2004 Return-Path: <owner-freebsd-small@FreeBSD.ORG> Delivered-To: freebsd-small@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5003C16A51B; Fri, 24 Sep 2004 15:50:35 +0000 (GMT) Received: from post5.inre.asu.edu (post5.inre.asu.edu [129.219.110.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 468FA43DA2; Fri, 24 Sep 2004 15:50:21 +0000 (GMT) (envelope-from David.Bear@asu.edu) Received: from conversion.post5.inre.asu.edu by asu.edu (PMDF V6.1-1X6 #30769) id <0I4J00A01YHHCZ@asu.edu>; Fri, 24 Sep 2004 08:46:29 -0700 (MST) Received: from smtp.asu.edu (smtp.asu.edu [129.219.110.107]) <0I4J00A64YHG5Y@asu.edu>; Fri, 24 Sep 2004 08:46:29 -0700 (MST) Received: from moroni.pp.asu.edu (moroni.pp.asu.edu [129.219.69.200]) (8.12.10/8.12.10/asu_smtp_relay,nullclient,tcp_wrapped) with ESMTP id i8OFkR71011965; Fri, 24 Sep 2004 08:46:27 -0700 (MST) Received: by moroni.pp.asu.edu (Postfix, from userid 500) id 60BF7E74; Fri, 24 Sep 2004 08:46:13 -0700 (MST) Received: from post1.inre.asu.edu (post1.inre.asu.edu [129.219.110.72]) by imap1.asu.edu (8.11.0/8.11.0/asu_cyrus,tcp_wrapped) with ESMTP id g2EGINE25656 for <iddwb@IMAP1.ASU.EDU>; Thu, 14 Mar 2002 09:18:24 -0700 (MST) Received: from conversion.post1.inre.asu.edu by asu.edu (PMDF V6.1 #40110) david.bear@asu.edu) ; Thu, 14 Mar 2002 09:18:23 -0700 (MST) Received: from mx2.freebsd.org (mx2.FreeBSD.org [216.136.204.119]) by asu.edu (PMDF V6.1 #40110) with ESMTP id <0GSZ00LO51AN4N@asu.edu> for iddwb@IMAP1.ASU.EDU (ORCPT david.bear@asu.edu); Thu, 14 Mar 2002 09:18:23 -0700 (MST) Received: from hub.freebsd.org (hub.FreeBSD.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id 38C0D55C86; Thu, 14 Mar 2002 08:18:17 -0800 Received: by hub.freebsd.org (Postfix, from userid 538) id 9EAB737B419; Thu, 14 Mar 2002 08:18:09 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with SMTP id 3431A2E808F; Thu, 14 Mar 2002 08:18:08 -0800 (PST) Received: by hub.freebsd.org (bulk_mailer v1.12); Thu, 14 Mar 2002 08:18:08 -0800 Received: from vulcan.rsasecurity.com(Postfix) with SMTP id 3E47637B400; Thu, 14 Mar 2002 08:18:05 -0800 (PST) Received: from no.name.available by vulcan.rsasecurity.com via smtpd (for hub.FreeBSD.org [216.136.204.18]) with SMTP; Thu, 14 Mar 2002 16:17:31 +0000 (UT) Received: from tuna.rsa.com (tuna.rsa.com [10.80.211.153]) by sdtihq24.securid.com (Pro-8.9.3/Pro-8.9.3) with ESMTP id LAA08886; Thu, 14 Mar 2002 11:17:19 -0500 (EST) Received: from quattro.rsa.com (quattro.rsa.com [10.81.217.239]) by tuna.rsa.com (8.8.8+Sun/8.8.8) with ESMTP id IAA12510; Thu, 14 Mar 2002 08:22:26 -0800 (PST) Received: from rsasecurity.com (localhost.rsa.com [127.0.0.1]) by quattro.rsa.com (8.11.0/8.11.0) with ESMTP id g2EGH2J10681; Thu, 14 Mar 2002 08:17:02 -0800 (PST envelope-from davef@rsasecurity.com) From: David Finkelstein <davef@rsasecurity.com> In-reply-to: "Your message of Tue, 12 Mar 2002 17:33:18 EST." <3C8E822E.7070509@aurora.regenstrief.org> Sender: owner-freebsd-security@FreeBSD.ORG To: dwbear75@gmail.com Message-id: <200203141617.g2EGH2J10681@quattro.rsa.com> MIME-version: 1.0 X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 Content-type: text/plain; charset=us-ascii Precedence: bulk X-Loop: FreeBSD.org Delivered-to: freebsd-security@freebsd.org Old-To: Gunther Schadow <gunther@aurora.regenstrief.org> Lines: 14 X-Keywords: cc: freebsd-security@FreeBSD.ORG cc: PicoBSD List <freebsd-small@FreeBSD.ORG> Subject: Re: Smartcard device support? X-BeenThere: freebsd-small@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Dedicated and Embedded Systems <freebsd-small.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-small> List-Post: <mailto:freebsd-small@freebsd.org> List-Help: <mailto:freebsd-small-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=subscribe> Date: Fri, 24 Sep 2004 15:50:35 -0000 X-Original-Date: Thu, 14 Mar 2002 08:17:02 -0800 X-List-Received-Date: Fri, 24 Sep 2004 15:50:35 -0000 Gunther Schadow wrote: >Hi, > >I'm wondering if it isn't time to roll out smart card use a bit more >aggressively. The question is: are any smart card devices useable >with FreeBSD? I believe nCipher has drivers for FreeBSD. --- David To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-small@FreeBSD.ORG Fri Sep 24 15:50:36 2004 Return-Path: <owner-freebsd-small@FreeBSD.ORG> Delivered-To: freebsd-small@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1976616A527; Fri, 24 Sep 2004 15:50:36 +0000 (GMT) Received: from post5.inre.asu.edu (post5.inre.asu.edu [129.219.110.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id E6B7543DB1; Fri, 24 Sep 2004 15:50:22 +0000 (GMT) (envelope-from David.Bear@asu.edu) Received: from conversion.post5.inre.asu.edu by asu.edu (PMDF V6.1-1X6 #30769) id <0I4J00A01YHKDM@asu.edu>; Fri, 24 Sep 2004 08:46:32 -0700 (MST) Received: from smtp.asu.edu (smtp.asu.edu [129.219.110.107]) <0I4J009AUYHFT5@asu.edu>; Fri, 24 Sep 2004 08:46:32 -0700 (MST) Received: from moroni.pp.asu.edu (moroni.pp.asu.edu [129.219.69.200]) (8.12.10/8.12.10/asu_smtp_relay,nullclient,tcp_wrapped) with ESMTP id i8OFkQ71011937; Fri, 24 Sep 2004 08:46:26 -0700 (MST) Received: by moroni.pp.asu.edu (Postfix, from userid 500) id 94A67DEE; Fri, 24 Sep 2004 08:46:12 -0700 (MST) Received: from post1.inre.asu.edu (post1.inre.asu.edu [129.219.110.72]) by imap1.asu.edu (8.11.0/8.11.0/asu_cyrus,tcp_wrapped) with ESMTP id g2D9jxE04522 for <iddwb@IMAP1.ASU.EDU>; Wed, 13 Mar 2002 02:46:00 -0700 (MST) Received: from conversion.post1.inre.asu.edu by asu.edu (PMDF V6.1 #40110) david.bear@asu.edu) ; Wed, 13 Mar 2002 02:45:59 -0700 (MST) Received: from mx2.freebsd.org (mx2.FreeBSD.org [216.136.204.119]) by asu.edu (PMDF V6.1 #40110) with ESMTP id <0GSW00ILZOGNTA@asu.edu> for iddwb@IMAP1.ASU.EDU (ORCPT david.bear@asu.edu); Wed, 13 Mar 2002 02:45:59 -0700 (MST) Received: from hub.freebsd.org (hub.FreeBSD.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id B0ABC55A7F; Wed, 13 Mar 2002 01:45:55 -0800 Received: by hub.freebsd.org (Postfix, from userid 538) id AEABB37B400; Wed, 13 Mar 2002 01:45:46 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with SMTP id 4943E2E8083; Wed, 13 Mar 2002 01:45:45 -0800 (PST) Received: by hub.freebsd.org (bulk_mailer v1.12); Wed, 13 Mar 2002 01:45:44 -0800 Received: from mail.spc.org (insomnia.spc.org [195.224.94.183]) by hub.freebsd.org (Postfix) with SMTP id 9C3D337B419 for <freebsd-security@freebsd.org>; Wed, 13 Mar 2002 01:45:37 -0800 (PST) Received: (qmail 968 invoked by uid 1031); Wed, 13 Mar 2002 09:33:44 +0000 From: Bruce M Simpson <bms@spc.org> In-reply-to: <"from gunther"@aurora.regenstrief.org> Sender: owner-freebsd-security@FreeBSD.ORG To: dwbear75@gmail.com Message-id: <20020313093343.U10322@spc.org> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-disposition: inline Precedence: bulk X-Loop: FreeBSD.org Delivered-to: freebsd-security@freebsd.org Old-To: Gunther Schadow <gunther@aurora.regenstrief.org> User-Agent: Mutt/1.2.5.1i Lines: 23 References: <3C8E822E.7070509@aurora.regenstrief.org> X-Keywords: cc: freebsd-security@FreeBSD.ORG cc: PicoBSD List <freebsd-small@FreeBSD.ORG> Subject: Re: Smartcard device support? X-BeenThere: freebsd-small@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Dedicated and Embedded Systems <freebsd-small.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-small> List-Post: <mailto:freebsd-small@freebsd.org> List-Help: <mailto:freebsd-small-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=subscribe> Date: Fri, 24 Sep 2004 15:50:36 -0000 X-Original-Date: Wed, 13 Mar 2002 09:33:43 +0000 X-List-Received-Date: Fri, 24 Sep 2004 15:50:36 -0000 I looked at IBM's OpenCryptoki briefly, but it only supports Linux. Also, it seems that it requires a drop-in 'STDLL' to be written for each device. It might be possible to do something similar to SSH by hacking ssh-agent to be tied to a removable medium. BMS On Tue, Mar 12, 2002 at 05:33:18PM -0500, Gunther Schadow wrote: > Hi, > > I'm wondering if it isn't time to roll out smart card use a bit more > aggressively. The question is: are any smart card devices useable > with FreeBSD? Let's say for enabling IPsec associations with racoon > (X509 cert on smartcard instead of a file on disk.) Only if smartcard > is in the box will the IPsec connection work. Of course my constraint > is cost of hardware. So is there any cheap stuff around? > > thanks for any hint, > -Gunther To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-small@FreeBSD.ORG Fri Sep 24 15:50:37 2004 Return-Path: <owner-freebsd-small@FreeBSD.ORG> Delivered-To: freebsd-small@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4F82016A523; Fri, 24 Sep 2004 15:50:37 +0000 (GMT) Received: from post5.inre.asu.edu (post5.inre.asu.edu [129.219.110.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0A3A043DC5; Fri, 24 Sep 2004 15:50:25 +0000 (GMT) (envelope-from David.Bear@asu.edu) Received: from conversion.post5.inre.asu.edu by asu.edu (PMDF V6.1-1X6 #30769) id <0I4J00A01YHNEX@asu.edu>; Fri, 24 Sep 2004 08:46:35 -0700 (MST) Received: from smtp.asu.edu (smtp.asu.edu [129.219.110.107]) <0I4J009ASYHFSO@asu.edu>; Fri, 24 Sep 2004 08:46:35 -0700 (MST) Received: from moroni.pp.asu.edu (moroni.pp.asu.edu [129.219.69.200]) (8.12.10/8.12.10/asu_smtp_relay,nullclient,tcp_wrapped) with ESMTP id i8OFkQ71011938; Fri, 24 Sep 2004 08:46:26 -0700 (MST) Received: by moroni.pp.asu.edu (Postfix, from userid 500) id A6046E4D; Fri, 24 Sep 2004 08:46:12 -0700 (MST) Received: from post1.inre.asu.edu (post1.inre.asu.edu [129.219.110.72]) by imap1.asu.edu (8.11.0/8.11.0/asu_cyrus,tcp_wrapped) with ESMTP id g2DBEuE17821 for <iddwb@IMAP1.ASU.EDU>; Wed, 13 Mar 2002 04:14:56 -0700 (MST) Received: from conversion.post1.inre.asu.edu by asu.edu (PMDF V6.1 #40110) david.bear@asu.edu) ; Wed, 13 Mar 2002 04:14:55 -0700 (MST) Received: from mx2.freebsd.org (mx2.FreeBSD.org [216.136.204.119]) by asu.edu (PMDF V6.1 #40110) with ESMTP id <0GSW00DIESKVQ8@asu.edu> for iddwb@IMAP1.ASU.EDU (ORCPT david.bear@asu.edu); Wed, 13 Mar 2002 04:14:55 -0700 (MST) Received: from hub.freebsd.org (hub.FreeBSD.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id 9189255791; Wed, 13 Mar 2002 03:14:48 -0800 Received: by hub.freebsd.org (Postfix, from userid 538) id 8BB8137B41D; Wed, 13 Mar 2002 03:14:30 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with SMTP id A772C2E8011; Wed, 13 Mar 2002 03:14:28 -0800 (PST) Received: by hub.freebsd.org (bulk_mailer v1.12); Wed, 13 Mar 2002 03:14:28 -0800 Received: from webweaving.org (adsl-66-124-87-42.dsl.snfc21.pacbell.net [66.124.87.42]) by hub.freebsd.org (Postfix) with ESMTP id 7A00637B404; Wed, 13 Mar 2002 03:14:23 -0800 (PST) Received: from dirkx (helo=localhost) by webweaving.org with local-esmtp (Exim 3.14 #1) id 16l7MP-0007Mr-00; Wed, 13 Mar 2002 11:56:01 +0000 From: Dirk-Willem van Gulik <dirkx@webweaving.org> In-reply-to: <200203130245.g2D2jbY28875@whizzo.transsys.com> Sender: owner-freebsd-security@FreeBSD.ORG X-Sender: dirkx@router.ispra.webweaving.org To: dwbear75@gmail.com Message-id: <Pine.BSO.4.21.0203131150060.11499-100000@router.ispra.webweaving.org> MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Precedence: bulk X-Loop: FreeBSD.org Delivered-to: freebsd-security@freebsd.org Old-To: "Louis A. Mamakos" <louie@TransSys.COM> Lines: 42 X-Keywords: cc: PicoBSD List <freebsd-small@FreeBSD.ORG> cc: freebsd-security@FreeBSD.ORG Subject: Re: Smartcard device support? X-BeenThere: freebsd-small@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Dedicated and Embedded Systems <freebsd-small.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-small> List-Post: <mailto:freebsd-small@freebsd.org> List-Help: <mailto:freebsd-small-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-small>, <mailto:freebsd-small-request@freebsd.org?subject=subscribe> Date: Fri, 24 Sep 2004 15:50:37 -0000 X-Original-Date: Wed, 13 Mar 2002 11:56:01 +0000 (GMT) X-List-Received-Date: Fri, 24 Sep 2004 15:50:37 -0000 On Tue, 12 Mar 2002, Louis A. Mamakos wrote: > You should take a look at the Dallas Semiconductor Java iButton, > which is a small Java smartcard like device in a package about the > size of a button-battery. There's also an inexpensive reader > dongle you can attach to a serial port to talk with it. > > The Java iButton can do RSA public key processing; in fact, with > a suitably written application (in Java, of course), you can have > the device generate a public/private keypair, hand you back the > public key, and never expose the private key inside the tamper > resistant device. Very cool. And extremely easy to write/handle. I used it to do the above; have it signed by a CA - and then use the iButton to sign 5 day cert's which go down into a web server. They are not that fast though - i.e. do not expect those nice <1msec touch-and-go you see with the nedap devices. You have to conciously press them against the blue connector for a noticable period of time. I.e. there is a 'rest' moment. > See http://www.ibutton.com/ for information. See also > /usr/ports/comms/mlan3 for some low-level code used to talk > to these types of "one-wire" devices. I found them working just fine. However - the IDE requirers java comm support - which I could not get to work on FreeBSD (a year ago). So I had to do the initial part of the development on Sun Solaris box (PC is fine too). But once you are set up it is 100% java and platform agnostics; and especially if during development you allow the iButton to DHCP network itself in - using one of the adaptor cards and the java SIM - you can use (t)ftp to do all your develpment just fine from any unix. And may only need ot do something special when you are rolling out the ibottons on a PC. DW. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message