Date: Wed, 13 Mar 2002 11:56:01 +0000 (GMT) From: Dirk-Willem van Gulik <dirkx@webweaving.org> To: "Louis A. Mamakos" <louie@TransSys.COM> Cc: Gunther Schadow <gunther@aurora.regenstrief.org>, freebsd-security@FreeBSD.ORG, PicoBSD List <freebsd-small@FreeBSD.ORG> Subject: Re: Smartcard device support? Message-ID: <Pine.BSO.4.21.0203131150060.11499-100000@router.ispra.webweaving.org> In-Reply-To: <200203130245.g2D2jbY28875@whizzo.transsys.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 12 Mar 2002, Louis A. Mamakos wrote: > You should take a look at the Dallas Semiconductor Java iButton, > which is a small Java smartcard like device in a package about the > size of a button-battery. There's also an inexpensive reader > dongle you can attach to a serial port to talk with it. > > The Java iButton can do RSA public key processing; in fact, with > a suitably written application (in Java, of course), you can have > the device generate a public/private keypair, hand you back the > public key, and never expose the private key inside the tamper > resistant device. Very cool. And extremely easy to write/handle. I used it to do the above; have it signed by a CA - and then use the iButton to sign 5 day cert's which go down into a web server. They are not that fast though - i.e. do not expect those nice <1msec touch-and-go you see with the nedap devices. You have to conciously press them against the blue connector for a noticable period of time. I.e. there is a 'rest' moment. > See http://www.ibutton.com/ for information. See also > /usr/ports/comms/mlan3 for some low-level code used to talk > to these types of "one-wire" devices. I found them working just fine. However - the IDE requirers java comm support - which I could not get to work on FreeBSD (a year ago). So I had to do the initial part of the development on Sun Solaris box (PC is fine too). But once you are set up it is 100% java and platform agnostics; and especially if during development you allow the iButton to DHCP network itself in - using one of the adaptor cards and the java SIM - you can use (t)ftp to do all your develpment just fine from any unix. And may only need ot do something special when you are rolling out the ibottons on a PC. DW. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSO.4.21.0203131150060.11499-100000>