[Muscle] OpenID for PC/SC Lite / MuscleCard
Thomas Harning
thomas.harning at trustbearer.com
Fri Feb 15 11:51:22 PST 2008
Peter Williams wrote:
> is it openid1 or openid2?
>
> if its openid2, what is the "pape" value that a relying party can
> request, to ensure that it's a "trustbearer" authentication between
> user/device and the OP?
>
> is trustbearer mechanism of user auth actually a. SSL client cert auth,
> using a cert on the device? b. 7816 authentication? c. ICC proprietary
> authentication (e.g. GlobalPlatform), or something else?
>
OpenID 1 and 2 capable
We respond that its level 4 due to the hardware token involved + policies demarking
phishing protection, multi-factor & multi-factor physical.
User auth is being performed using challenge-response based on the certificate from the
token. Pre-registration is necessary since effectively, only the public key is used for
our setup.
--
Thomas Harning @ TrustBearer Labs (http://www.trustbearer.com)
Secure OpenID: https://openid.trustbearer.com/harningt
3201 Stellhorn Road 260-399-1656
Fort Wayne, IN 46815
More information about the Muscle
mailing list