[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [Xen-users] PKCS#11 passthrough for Smartcards
-----Original Message----- From: Joseph Glanville [mailto:joseph.glanville@xxxxxxxxxxxxxx] Sent: woensdag 11 mei 2011 18:01 To: Witvliet, J, CDC/IVENT/OPS/I&S/HIN Cc: xen-users@xxxxxxxxxxxxxxxxxxx; hwit@xxxxxxxxxxx Subject: Re: [Xen-users] PKCS#11 passthrough for Smartcards Hi, As far as I am aware this isn't supported - it would require a paravirtualised backend to be possible. I think I have seen you request it a few times and noone is yet to reply. You could try the xen-devel list to see if anyone has been working on one but once again, I doubt it. Have you had any luck with KVM or the other hypervisors? This seems like a much more "desktop" feature so you might be better off looking at a less server consolidation oriented hypervisor if that makes sense. Joseph. On 11 May 2011 23:34, <J.Witvliet@xxxxxxxxx> wrote: > > Hi all, > > Someone mentioned today to me, that the "competing virtualisation product" > is capable of doing PKCS-forwarding towards a virtual client. > > So, my question here, does XEN supports PKCS-passthrough? > As i also need my smartcard locally (on the hypervisor), i can not use > neither pci nor usb-forwarding.... > > > Hans > Hi Joseph, It's strange that in a world that is "conceived as" more insecure, devices like tokens and smartcard are not becoming mainstream. RedHat can currently do virtualisation af an (USA) CAC-card for their KVM. And it looks like a business-case is being made to alter their code to support generic smartcards. As a longterm SuSE/XEN user, it is something i'm not all to pleased about. Bit in generally, from the response, it looks like nobody is interested in it at all. Actually, i'm beginning to contemplate in another direction: the possibility for accessing via the opensc-libs a reader&smartcard on a remote node in general, not just between a virtualmachine hoster/clients. If i can pull it off, it would not only be usable for any virtuaization technique, but also for any remote desktops, like vnc, nomachine, etc etc. But i just want to be shure that this isn't done yet, or just to be released: time is precious..... Hans ______________________________________________________________________ Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |