Hard Token Management Framework 1.0
Hard Token Management Framework is used to manage the complete livecycle of an organizations Smartcard and/or USB dongles.
It communicates with the tokens through a PKCS11 interface so it is possible to change hardware as long as they supply it with a good implementation of PKCS11.
It comes along quite with a few ready made modules that can be composed to fit the need of the organization. The Hard Token Management Framework is an Add-on to EJBCA Certificate Authority (see http://www.ejbca.org).
Here are some key features of "Hard Token Management Framework":
· Support of Setec 4.3.1 and 4.4.1 cards (TODO check)
· Issuing cards with 1 or more certificates
· Support for 2 PIN, basic and signature
· Contains a 'Card Analyser' that analyses the card for the card administrator to give a suggestion of what is wrong with the card
· Possibilty to issue ordinary, temporary and project cards with different validities
· When a ordinary or project card is generated is all previous cards revoked
· When a temporary card is issued is the ordinary card set on hold until the ordinary card is reactivated
· Userdata is fetched from existing user data source.
· Possibility to unlock cards without exposing the PUK. The PUK is stored encrypted in EJBCA database.
· Easy to renew an expiring card
· Cards not used anymore can be revoked and ereased.
· It is also possible for a card administrator to do some management remotely (without having the card) such as revoking and activating a ordinary card.
· For 24/7 working environments where a card administrator might not be available it is possible for a colleague to issue a 'card unlock' or 'issue temporary' card request that is sent to a central support unit for approval
· TaLiMa also have error reporting functionality where unexpected error can be sent to the technical administrators for analysis
What's New in This Release:
· Key ceremoni parts did not compile with Java 1.5.
· When waiting for PIN unblock approval, the wrong text was displayed for the user.
· Swedish characters in global.properties didn't work well in Linux.
· Card/Certificate information was not cleared when the card was revoked.
· These have all been fixed.
· There is support to only return the 8 significant serial numbers of HardTokenSN.
· Applet support has been replaced by Java Web Start.
· A basic pine parameter has been added to IToken.removeObject.
· Support for uninitialized SetCos 4.4.1 cards using NetID 184.108.40.206 has been added.
· AutoLogon controller through PKCS11 has been added.