Is USB Key supported in IPOP?
1 view
Skip to first unread message
JustDoIt Ly
Dec 9, 2009, 8:33:28 PM12/9/09
to acis.p2p.users
USB Key is a hardware to hold the private key in PKI. It hides the
private key to everyone, but offers some API for any PKI applications.
And nowadays, USB Key is cheap, may be only 2-3 dollars.
When I used a P2P software, my boss worried about the security. When I
said it would be protected by a hardware, USB Key, he felt much
better.
I checked the website and some documents of IPOP and it seems USB Key
is not supported.
Please confirm it.
And I strongly suggest it is supported.
private key to everyone, but offers some API for any PKI applications.
And nowadays, USB Key is cheap, may be only 2-3 dollars.
When I used a P2P software, my boss worried about the security. When I
said it would be protected by a hardware, USB Key, he felt much
better.
I checked the website and some documents of IPOP and it seems USB Key
is not supported.
Please confirm it.
And I strongly suggest it is supported.
David Isaac Wolinsky
Dec 9, 2009, 8:57:59 PM12/9/09
to acisp2...@googlegroups.com
That's a really good idea and I support it too. At the moment, we lack
the resources to research, implement, and test it. If you or any other
user wants to implement it, we'd gladly accept patches. Otherwise,
we'll add it to our todo list.
Regards,
David
> --
>
> You received this message because you are subscribed to the Google Groups "acis.p2p.users" group.
> To post to this group, send email to acisp2...@googlegroups.com.
> To unsubscribe from this group, send email to acisp2pusers...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/acisp2pusers?hl=en.
>
>
>
>
the resources to research, implement, and test it. If you or any other
user wants to implement it, we'd gladly accept patches. Otherwise,
we'll add it to our todo list.
Regards,
David
>
> You received this message because you are subscribed to the Google Groups "acis.p2p.users" group.
> To post to this group, send email to acisp2...@googlegroups.com.
> To unsubscribe from this group, send email to acisp2pusers...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/acisp2pusers?hl=en.
>
>
>
>
JustDoIt Ly
Dec 10, 2009, 4:52:55 AM12/10/09
to acis.p2p.users
I browsed the IPOP code and I found it was too complicated. And I am
not a PKI expert neither.
If I want to do so, can you give me some hints?
For example, Which class or which file should I modify? Which kind of
API should I accept in order to keep IPOP platform neutral?
not a PKI expert neither.
If I want to do so, can you give me some hints?
For example, Which class or which file should I modify? Which kind of
API should I accept in order to keep IPOP platform neutral?
David Isaac Wolinsky
Dec 10, 2009, 8:49:25 AM12/10/09
to acisp2...@googlegroups.com
If you can get us an instance of this class:
http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider%28VS.85%29.aspx
We can then worry about IPOP and I can help out with the rest. Honestly
I've never worked with a secure usb key, ideally there would be a single
API for interacting with them, but I really don't have any pointers. If
you find some documentation, we can iterate through some designs via the
mailing list.
http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider%28VS.85%29.aspx
We can then worry about IPOP and I can help out with the rest. Honestly
I've never worked with a secure usb key, ideally there would be a single
API for interacting with them, but I really don't have any pointers. If
you find some documentation, we can iterate through some designs via the
mailing list.
JustDoIt Ly
Dec 11, 2009, 1:55:08 AM12/11/09
to acis.p2p.users
There are so many USB Key manufaturers, such as:
http://www.safenet-inc.com/products/data_protection/multi-factor_authentication/certificate-based_(pki)_usb_authenticators/ikey_usb_2032.aspx
. A lot support MS CrptoAPI and they will offer related
"cryptographic service provider". So far, the "cryptographic service
provider" is not a problem. But To be frank, I have no experience with
USB Key. I will buy and try one.
On 12月10日, 下午9时49分, David Isaac Wolinsky <davi...@ufl.edu> wrote:
> If you can get us an instance of this class:http://msdn.microsoft.com/en-us/library/system.security.cryptography....
http://www.safenet-inc.com/products/data_protection/multi-factor_authentication/certificate-based_(pki)_usb_authenticators/ikey_usb_2032.aspx
. A lot support MS CrptoAPI and they will offer related
"cryptographic service provider". So far, the "cryptographic service
provider" is not a problem. But To be frank, I have no experience with
USB Key. I will buy and try one.
On 12月10日, 下午9时49分, David Isaac Wolinsky <davi...@ufl.edu> wrote:
> If you can get us an instance of this class:http://msdn.microsoft.com/en-us/library/system.security.cryptography....
>
> We can then worry about IPOP and I can help out with the rest. Honestly
> I've never worked with a secure usb key, ideally there would be a single
> API for interacting with them, but I really don't have any pointers. If
> you find some documentation, we can iterate through some designs via the
> mailing list.
>
> Regards,
> David
>
>
>
> JustDoIt Ly wrote:
> > I browsed the IPOP code and I found it was too complicated. And I am
> > not a PKI expert neither.
>
> > If I want to do so, can you give me some hints?
>
> > For example, Which class or which file should I modify? Which kind of
> > API should I accept in order to keep IPOP platform neutral?
>
> We can then worry about IPOP and I can help out with the rest. Honestly
> I've never worked with a secure usb key, ideally there would be a single
> API for interacting with them, but I really don't have any pointers. If
> you find some documentation, we can iterate through some designs via the
> mailing list.
>
> Regards,
> David
>
>
>
> JustDoIt Ly wrote:
> > I browsed the IPOP code and I found it was too complicated. And I am
> > not a PKI expert neither.
>
> > If I want to do so, can you give me some hints?
>
> > For example, Which class or which file should I modify? Which kind of
> > API should I accept in order to keep IPOP platform neutral?
>
JustDoIt Ly
Dec 11, 2009, 3:54:00 AM12/11/09
to acis.p2p.users
Sorry, I have to add some important information here.
Run the command of "RegEdit" on your PC, you will find a few existing
providers under the entry of HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
\Cryptography\Defaults\Provider.
I am sure you have some ready providers there for providers can be
made by software only.
And in China, primary banks offer USB key as a security tools for
online banking. So most office staff have a USB key already.Nearly all
those USB keys support MS standards! Unfortunately, my USB Key is not
in the list.
Of course, banks and owners don't want to use those USB keys as a
networking security tools, for money is more important.
I hope we could find a easy way to support USB Key in IPOP.
Good Luck.
On Dec 11, 2:55 pm, JustDoIt Ly <justdoi...@gmail.com> wrote:
> There are so many USB Key manufaturers, such as:http://www.safenet-inc.com/products/data_protection/multi-factor_auth...
Run the command of "RegEdit" on your PC, you will find a few existing
providers under the entry of HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
\Cryptography\Defaults\Provider.
I am sure you have some ready providers there for providers can be
made by software only.
And in China, primary banks offer USB key as a security tools for
online banking. So most office staff have a USB key already.Nearly all
those USB keys support MS standards! Unfortunately, my USB Key is not
in the list.
Of course, banks and owners don't want to use those USB keys as a
networking security tools, for money is more important.
I hope we could find a easy way to support USB Key in IPOP.
Good Luck.
On Dec 11, 2:55 pm, JustDoIt Ly <justdoi...@gmail.com> wrote:
> There are so many USB Key manufaturers, such as:http://www.safenet-inc.com/products/data_protection/multi-factor_auth...
Reply all
Reply to author
Forward
0 new messages