|
Quoting Paul Wise <pabs@debian.org>:
The application takes care of authorizing users against a centralized server using login, password, and a keycard (made of paper; you may laugh now). It also works as a PKCS#11 key token processor that allows users to sign or encrypt their documents.
I wish it could use OpenSSL, However, the authorization service uses a inherently flawed architecture where the users don't own their private keys, and has been shown to rely on security by obscurity and other of the don'ts you'd find in any security expert's books. The government and the authorization service has received heavy criticism for their closed-source, insecure model, but we're required by law to use them. -- Ole Wolf Rødhættevej 4 * 9400 Nørresundby Telefon: 9632-0108 * Mobil: 2467-5526 * Skype: ole.wolf * SIP: ole.wolf@ekiga.net |
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature