I have seen many architects worried about the fact that going for secure strong credential store like smart cards may result in carrying many tokens in their key chains or wallet full of plastics on account of each of us having multiple identities. And Kim Cameron raises this concern again
<quote_kim_cameron>
If we don’t clearly make this distinction,, we’ll end up in a “fist full of dongles” nightmare that will even make Clint Eastwood run for the hills.
</quote_kim_cameron>
Fortunately this is not true, smart cards run a variety of programmable frameworks such as Java and .NET which are fully capable of hosting multiple applications from multiple vendors (yes they are interoperable) with a firewall among them (to make this situation work securely). Smart card based Banking and Airline miles cards are an example of this. Not to mention that vanilla CSP or PKCS#11 based smart cards do not distinguish between certificates coming from different vendors.
While I am on this topic I fully agree that certificate selection from clients (os and applications) has never been as easy and natural for end users as CardSpace makes it. Thanks CardSpace for this.
<quote_kim_cameron>
Speaking of smart card credentials, one of the big problems in last-generation use of smartcards was that if a Trojan was running on your machine, it could use your smartcard and perform signatures without your knowledge.
</quote_kim_cameron>
Yes a Trojan may get a digital signature from the smart card with out user's knowledge if the smart card application was written without following best practices for writing a secure application. BTW the same applies to Windows apps as well. A typical smart card application must utilize end-to-end secure channels for communication and should authenticate the client applications it is talking to. Now there is a problem of authenticating the client applications ... can't put the shared keys in them.... so there are limitations but as we go further we address them or technologies vertical to us do. NIM, which is the latest offering from Gemalto does that by validating the remote servers using PKI and I would show case in coming days how [traditional] smart cards could help in reducing the phishing attacks if not eliminate them for web based transactions.
The thing to note here is that smart cards alone are not capable to solve all security problems (phishing, impersonation, trojans) but their usage in smart environments such as that of CardSpace brings value to everybody. A complete secure technology would be a joint effort from different actors which compliment each other and I am sure we would see that happening. Amen.