scd: Reader specific initialization code (scd-work branch)

NIIBE Yutaka gniibe at fsij.org
Thu Jan 31 01:32:34 CET 2013


Thanks for your response.

On 2013-01-30 at 10:41 +0100, Achim Pietig wrote:
> if the extension of the VERIFY command (APDU with no command data,
> SW1SW2 = 63Cx, where x encodes the number of further allowed
> retries) is useful for several readers, there is no problem to
> provide this in the next OpenPGP card specification.

Yes, it is useful.  Please add this.

You know, using a card is not only with a card, but also with a
reader.  In some situations, such as in the error recovery (from an
error of the reader, not the card), the status of the card may not be
well-defined.  This causes "out-of-sync" for the card status between
the one in an application and the actual one in the card.

If it is possible for an application (SCDaemon) to use the VERIFY
command to confirm the authentication status, it will be possible to
sync back the status easily.

Then, the user won't see weird errors (again and again) after an error
by the reader which causes out-of-sync, and won't need to manually
reset the reader and the SCDaemon.
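
The resync described in this message, sketched as an added example (not part of the original post and not SCDaemon code): an empty VERIFY is sent and the status word overwrites the application's cached state. The type and function names are hypothetical; treating 9000 as "already verified" and 6983 as "blocked" follows ISO/IEC 7816-4 and is an assumption beyond the 63Cx case quoted above.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical application-side cache of one PIN's authentication status. */
enum pin_state { PIN_UNKNOWN, PIN_VERIFIED, PIN_NOT_VERIFIED, PIN_BLOCKED };
struct pin_status { enum pin_state state; int retries_left; /* -1 = not reported */ };

/* Case-1 VERIFY (no command data): CLA=00 INS=20 P1=00 P2=PIN reference. */
int build_verify_query(uint8_t pin_ref, uint8_t apdu[4])
{
    apdu[0] = 0x00; apdu[1] = 0x20; apdu[2] = 0x00; apdu[3] = pin_ref;
    return 4;
}

/* Decode SW1SW2 returned for the empty VERIFY. */
struct pin_status interpret_verify_sw(uint16_t sw)
{
    struct pin_status st = { PIN_UNKNOWN, -1 };
    if (sw == 0x9000) {                       /* assumed: already verified */
        st.state = PIN_VERIFIED;
    } else if ((sw & 0xFFF0) == 0x63C0) {     /* 63Cx: x further retries allowed */
        st.retries_left = sw & 0x0F;
        st.state = st.retries_left ? PIN_NOT_VERIFIED : PIN_BLOCKED;
    } else if (sw == 0x6983) {                /* assumed: authentication blocked */
        st.state = PIN_BLOCKED;
        st.retries_left = 0;
    }
    return st;                                /* anything else: PIN_UNKNOWN */
}

/* Overwrite the cache with what the card reports.
   Returns 1 if the cache was stale, 0 if it already matched, -1 if the
   answer was unusable (cache becomes PIN_UNKNOWN, never left VERIFIED). */
int resync_pin_state(struct pin_status *cached, uint16_t sw)
{
    struct pin_status actual = interpret_verify_sw(sw);
    int stale = (cached->state != actual.state);
    *cached = actual;
    if (actual.state == PIN_UNKNOWN)
        return -1;
    return stale;
}

int main(void)
{
    struct pin_status cached = { PIN_VERIFIED, -1 };  /* constructed: app believes PIN is verified */
    int r = resync_pin_state(&cached, 0x63C3);        /* constructed card answer */
    printf("stale=%d state=%d retries=%d\n", r, cached.state, cached.retries_left);
    return 0;
}
```

An unrecognised status word resets the cache to unknown rather than keeping a "verified" entry, so a reader error cannot leave the application believing a PIN is still presented.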