Re: Getting a personal smart card

["Geoffrey J Gowey" <gjgowey () gmail com>]

Your problem with a device such as this is that if the device is lost/damaged/destroyed then you're out of business.  
They're good for companies with a centralized setup since they can be replaced and the credentials changed, but for 
personal use it gets much more complicated.

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: Johann MacDonagh <johann () macdonaghs com>

Date: Mon, 7 Jul 2008 17:50:28 
To: <security-basics () securityfocus com>
Subject: Getting a personal smart card


Hey all,

If anyone was following my previous message, I was discussing unique password complexity. I also mentioned that I would 
love to have a personal smart card for personal authentication.

I may have found one:
http://athena-scs.com/product.asp?pid=33

The USB connection means that I don't have to buy a separate reader for computer systems. Sweet!

I just wonder what I can use this for. From what I understand, I can use it to log into Windows, OS X, and Linux 
systems by simply plugging in the USB key and entering in my PIN, right? Also, I guess support is built into OS X, but 
requires software installation for Linux and Windows (although depending on the distro, it may already be available on 
the Linux system).

So, if I have a x.509 cert for e-mail signing and a PGP key, I assume I can upload both of those onto there and remove 
them from my computer system. Then, whenever an application (a supported application) requires one or the other, it can 
query my smart card. All encryption is done on the chip, so the computer system never even sees the private key.

Has anyone used these kinds of systems? Purely a geek toy or did they make your life easier? Is Athena known for 
interoperability between systems?

Thanks,
Johann