Add option for scdaemon to open smart card in non-exclusive mode
Bernhard Reiter
bernhard at intevation.de
Wed Sep 14 08:38:39 CEST 2016
Am Mittwoch 14 September 2016 03:16:35 schrieb Uri Blumenthal:
> > The next steps would be to
> > a) write it down, open up a ticket on bugs.gnupg.org
> > <http://bugs.gnupg.org/>
>
> Will do soon.
(Check if there is one already of course. :))
> Since I don’t have money to offer, I guess I will do the work - thankfully
> the expected efforts should be fairly low.
You can also try to convince others that this is a useful feature.
As I am not on a macosx machine, I don't face that problem for instance.
> > A workaround in your case could be to use two readers, one for each
> > token.
>
> Sorry, can’t work. For one - there are only two USB ports on my MacBook,
> and they are already used! Second and more important - this is one and the
> same physical token.
You could use a usb hub I guess and two tokens...
but I see your point.
> It certainly is feasible, as OpenSC proves quite nicely. That’s how PIV
> tokens work with OpenSC on Mac today: tokend connects to it and interfaces
> with the native Apple applications, while OpenSSL and Firefox use OpenSC
> PKCS#11 library to talk to the token directly. OpenSC provides a mechanism
> to detect if token’s state changed.
>
> Also, please note that I do not suggest eradicating exclusive access. I
> merely request that the user is given an option to configure scdaemon to
> connect in non-exclusive mode when the appropriate parameter in the config
> file is set. The default can well stay as it is now. --
Then you are right and if you suggest a patch I am confident that other
GnuPG-developers will give it a look.
Best,
Bernhard
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20160914/8e92bf5f/attachment.sig>
More information about the Gnupg-devel
mailing list