From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: J.Witvliet@mindef.nl
Cc: xen-devel@lists.xensource.com
Subject: Re: PKCS#11 passthrough for Smartcards
Date: Tue, 17 May 2011 10:06:04 -0400 [thread overview]
Message-ID: <20110517140604.GB6816@dumpdata.com> (raw)
In-Reply-To: <20110517093912.B853321DCB7@mx4-out.mindef.nl>
On Tue, May 17, 2011 at 11:38:56AM +0200, J.Witvliet@mindef.nl wrote:
> Hi all,
>
> As advised, i'll put the message on the devel-list
How is KVM doing the pass-through? Is it in QEMU? If so, when we switch
over to upstream QEMU (which we are doing now), we should get it
automatically I would think.
>
> Kind regards, Hans
>
>
> -----Original Message-----
> From: Joseph Glanville [mailto:joseph.glanville@orionvm.com.au]
> Sent: woensdag 11 mei 2011 18:01
> To: Witvliet, J, CDC/IVENT/OPS/I&S/HIN
> Cc: xen-users@lists.xensource.com; hwit@a-domani.nl
> Subject: Re: [Xen-users] PKCS#11 passthrough for Smartcards
>
> Hi,
>
> As far as I am aware this isn't supported - it would require a paravirtualised backend to be possible. I think I have seen you request it a few times and noone is yet to reply. You could try the xen-devel list to see if anyone has been working on one but once again, I doubt it.
> Have you had any luck with KVM or the other hypervisors? This seems like a much more "desktop" feature so you might be better off looking at a less server consolidation oriented hypervisor if that makes sense.
>
> Joseph.
>
> On 11 May 2011 23:34, <J.Witvliet@mindef.nl> wrote:
> >
> > Hi all,
> >
> > Someone mentioned today to me, that the "competing virtualisation product"
> > is capable of doing PKCS-forwarding towards a virtual client.
> >
> > So, my question here, does XEN supports PKCS-passthrough?
> > As i also need my smartcard locally (on the hypervisor), i can not use
> > neither pci nor usb-forwarding....
> >
> >
> > Hans
> >
>
> Hi Joseph,
>
> It's strange that in a world that is "conceived as" more insecure, devices like tokens and smartcard are not becoming mainstream.
> RedHat can currently do virtualisation af an (USA) CAC-card for their KVM.
What is that?
> And it looks like a business-case is being made to alter their code to support generic smartcards.
Uhhh, so not in the upstream kernel then.
prev parent reply other threads:[~2011-05-17 14:06 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-17 9:38 PKCS#11 passthrough for Smartcards J.Witvliet
2011-05-17 14:06 ` Konrad Rzeszutek Wilk [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110517140604.GB6816@dumpdata.com \
--to=konrad.wilk@oracle.com \
--cc=J.Witvliet@mindef.nl \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.