smart card authentication with Linux?

Ben Scott dragonhawk at gmail.com
Mon Nov 14 15:15:01 EST 2005


On 11/14/05, Paul Lussier <p.lussier at comcast.net> wrote:
> ... does not have to  be synchronized with a central server....
> if someone in the company  leaves, and they had access
> to these keys, we have to go to all our customers systems
> and change the keys ...

  So let me get this straight.  You want an authentication mechanism
which does not require central coordination, but allows rejection of
compromised keys.  How are the auth clients going to determine when a
key is compromised, then?  Use the Force or something?  :)  Seriously,
I don't think what you're asking for is possible.  If you want auth
clients to reject compromised keys, they have to get a Compromised Key
List from *somewhere*.

  It seems to me that the "hardware-based" part of this is just an
attempt to reduce the likelihood of a key being compromised.  You're
assuming that the hardware key will be more likely to be turned in,
and more likely to be resistant to duplication.  Sure, you're probably
right on both counts, but "more likely" is not the same as "absolutely
assured".  Ultimately, you still have to solve the compromised key
problem.

  Is there a reason the auth clients can't automatically download a
signed CKL from the 'net?

-- Ben



More information about the gnhlug-discuss mailing list