Doug Engert
Doug Engert
https://www.idmanagement.gov/docs/fips201ep-smocc.pdf also says: > When one of 0x27 or 0x2E are present, this text states “…the PIV Card Application supports secure messaging.” This is an incomplete view. When the APT...
Do you know exactly what the PIV compliance tool looks at? For example if you passed in 0x27 and 0x2E in the middle of the list, would it complain? ```...
If you are going to add additional Algorithms you will want to avoid any conflicts with whatever NIST might do in the future. sp800-73-4 refers to sp800-78 for Algorithms. The...
Looking closer at iso7816-4 "5.4.2 Cryptographic mechanism identifier template" "Such a template shall consist of two or more data objects" "The first data object shall be a cryptographic mechanism reference,...
ISO7816-4 5.4.2 Cryptographic mechanism identifier template Starts with: > Referenced by tag 'AC', one or more cryptographic mechanism identifier templates may be present in the control parameters of any DF...
Based in statement above: "multiple AC tags in the FCI with one 80/06 tag pair each." The old version of ISO/IEC 7816-4:2005(E) says: "Table 12 lists the file control parameters,...
Who at NIST responded to the inquire(s)? I can try asking the same type of question and point out there are three of us @arekinath, @mistial-dev, @makinako and @dengert are...
See #3203 on current state for epass2003 changes. It appears that the newer epass2003 cards have a PKCS15 structure, so although these fail: ``` ./pkcs15-init -E -T ./pkcs15-init -C -T...
I would like to see some combination of the pkcs11-tool changes in #3090 and your PR 2979 submitted before completion of #3090. I have pushed some changes this morning that...
This sounds like some new Yubico extension. The PIV specifications from NIST [NIST.SP.800-73-4](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-73-4.pdf) defines fixed pin policies. A quick look at [1](https://support.yubico.com/support/solutions/articles/15000014219-yubikey-5-series-technical-manual#Policiesf5yfro) and [2](https://developers.yubico.com/PIV/Introduction/Yubico_extensions.html#_pin_policy) does not show how to read...