Le 11/06/2012 16:32, Sebastien Lorquet a écrit :
> If you can have a secure channel, why not have it in contact mode too?
I explained why. it can happen that no security module is available, in
such cases an appl must abort some tasks (since they will / should be
refuse by the chip) if the communication is contactless.
I won't list specific cases with lot of details but basic uses of PIV
cards as well as BAC protected chips may encounter this issue.
> correct me if I'm wrong but what does biometry has to do with PCSC except
> nothing? If a card reader also has a fingerprint/whatever sensor then it's a
> composite device isn't it?
so the part 10 of the PC/SC standard has nothing to do with PC/SC ?!?
§10 deals with Secure PIN Entry - meaning composite device with card
reader(s) and PIN pad; composite devices with reader(s) and fingerprint
scanner / sensor could (should?) conform to a PC/SC standard too.
(I mean as soon as you consider that plain fingerprint image and / or
minutiae should not be present on the (unreliable, intrustable) host).