From: Dirk-Willem van Gulik
Old-To: "Louis A. Mamakos"
cc: PicoBSD List
cc: freebsd-security@FreeBSD.ORG
Subject: Re: Smartcard device support?
In-reply-to: <200203130245.g2D2jbY28875@whizzo.transsys.com>
Date: Fri, 24 Sep 2004 15:50:37 -0000
X-Original-Date: Wed, 13 Mar 2002 11:56:01 +0000 (GMT)

On Tue, 12 Mar 2002, Louis A. Mamakos wrote:

> You should take a look at the Dallas Semiconductor Java iButton,
> which is a small Java smartcard like device in a package about the
> size of a button-battery.  There's also an inexpensive reader
> dongle you can attach to a serial port to talk with it.
>
> The Java iButton can do RSA public key processing; in fact, with
> a suitably written application (in Java, of course), you can have
> the device generate a public/private keypair, hand you back the
> public key, and never expose the private key inside the tamper
> resistant device.  Very cool.

And extremely easy to write/handle.
I used it to do the above; have it signed by a CA - and then use the iButton to sign 5 day certs which go down into a web server.

They are not that fast though - i.e. do not expect those nice <1msec touch-and-go you see with the nedap devices. You have to consciously press them against the blue connector for a noticeable period of time. I.e. there is a 'rest' moment.

> See http://www.ibutton.com/ for information.  See also
> /usr/ports/comms/mlan3 for some low-level code used to talk
> to these types of "one-wire" devices.

I found them working just fine. However - the IDE requires java comm support - which I could not get to work on FreeBSD (a year ago). So I had to do the initial part of the development on a Sun Solaris box (PC is fine too). But once you are set up it is 100% java and platform agnostic; and especially if during development you allow the iButton to DHCP network itself in - using one of the adaptor cards and the java SIM - you can use (t)ftp to do all your development just fine from any unix. And may only need to do something special when you are rolling out the iButtons on a PC.

DW.
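
The arrangement described in the message above (a CA certifies the token's public key once, and the token key then signs 5-day web server certificates), as an added example that is not part of the original post. A software RSA key stands in for the key held inside the iButton, all names and file paths are constructed, and the OpenSSL command-line tool is assumed.

```shell
# Added example: a software RSA key stands in for the key held inside the iButton.
set -eu

# new_key_and_csr DIR NAME CN: make DIR/NAME.key and a CSR carrying only the public key.
new_key_and_csr() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
}

# build_chain DIR: root CA -> token signing cert -> 5-day web server cert.
build_chain() {
    d=$1
    cat > "$d/ext.cnf" <<'EOF'
[ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign
[leaf]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
EOF
    new_key_and_csr "$d" root  "Example Root CA (constructed)"
    new_key_and_csr "$d" token "Example token signer (constructed)"
    new_key_and_csr "$d" web   "www.example.test"
    # Root signs itself; in practice this key stays offline.
    openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 365 \
        -extfile "$d/ext.cnf" -extensions ca -out "$d/root.crt" 2>/dev/null
    # The CA certifies the token's public key once.
    openssl x509 -req -in "$d/token.csr" -CA "$d/root.crt" -CAkey "$d/root.key" \
        -CAcreateserial -days 365 -extfile "$d/ext.cnf" -extensions ca \
        -out "$d/token.crt" 2>/dev/null
    # The token key issues the short-lived server certificate.
    openssl x509 -req -in "$d/web.csr" -CA "$d/token.crt" -CAkey "$d/token.key" \
        -CAcreateserial -days 5 -extfile "$d/ext.cnf" -extensions leaf \
        -out "$d/web.crt" 2>/dev/null
}

# chain_ok DIR: succeeds if web.crt chains to root.crt through token.crt.
chain_ok() {
    openssl verify -CAfile "$1/root.crt" -untrusted "$1/token.crt" "$1/web.crt" >/dev/null 2>&1
}
# valid_for DIR SECONDS: succeeds if web.crt is still valid SECONDS from now.
valid_for() {
    openssl x509 -in "$1/web.crt" -noout -checkend "$2" >/dev/null
}

work=$(mktemp -d); trap 'rm -rf "$work"' EXIT
build_chain "$work"
chain_ok "$work" && valid_for "$work" 345600 && echo "chain verifies; still valid in 4 days"
valid_for "$work" 518400 || echo "expired 6 days out: the token must reissue before then"
```

Relying parties only ever need `root.crt` and `token.crt`; the short lifetime bounds how long a certificate copied off the web server remains usable.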