Classic Client   In Production
 
The smart way to protect your network  
 

Classic Client is a smart card-based crypto-library product that brings portability and the highest level of security to enterprise networks. It is an easily integrated system that delivers all key functionalities required for a safe corporate infrastructure:  

  • Secure smart card authentication when accessing desktop, network and web applications
  • Smart card enabled digital signing and encryption of e-mail exchanges
  • Smart card enabled digital documents signing

Formerly known as GemSafe

Features and Benefits

Classic Client allows organizations to escalate productivity, increase profitability, and secure the corporate information flow between employees, partners, customers, and suppliers.

Highest level of Security

Classic Client offers the highest level of security, using public-key cryptography to store the digital identity on a smart card instead of a PC where it is vulnerable to hackers. PIN (Personal Identification Number) codes ensure proper identification while the microprocessor on the card transparently carries out user authentication. The solution integrates seamlessly with the latest standards for secure web access (SSLv3, TLSv1) and e-mail (S/MIME).

Portability

With Classic Client, users can store their identity and confidential information on a smart card, enabling complete portability. Traveling with your electronic identity in your pocket, network services can now be accessed simply and securely from any Classic Client-equipped PC in the world.

Ease-of-use

Thanks to Classic Client deployment, administration and use of smart cards is now simplified: IT department can enforce a specific PIN policy and limit card usage functions, helpdesk can help user to unblock the card, software certificates can be imported on the card, and user can be forced to change PIN code at first use.

Ready to integrate

Classic Client Integrator Kit provides software components, sample source code and documentation to help developers within the integration of the Classic Edition solution (on demand)

News

- Nov 2011

  • Classic Client v6.1 for MAX OS X Lion is now available.

 

- Sept 2011

  • Minidriver for Classic v3 applet is now available.

- June 2011

  • Classic Client v6.1 for Linux is now available. The main features are the following:

    • Support of Ubuntu 10.04 LTS distribution 32/64 bits

    • Support of Classic v2/v3 & IAS-ECC applets

     

    - March 2011

    • Classic Client v6.1 for Windows is now available.

      • This version brings a full support of dual interface cards, the support of Microsoft Office 2010, Google Chrome 9.0, and other improvements.

    - Sept 2010

    • Classic Client v6.0 SP1 for Windows is now available.

      • This version brings several enhancements and bug fixes.

      • It also brings performance optimization, especially in some cases of remote access.

    - April 2010

    • Classic Client v6.0 for MAC OS X 10.6 Snow Leopard is now available.

      • This version now support MAC OS X 10.6 and the IAS ECC card

       

      - December 2009

      • Classic Client v6.0 for Windows is now available.

        • This version now support Windows 7 and the IAS ECC card

         

        - October 2009

       

    • Patch2 for Classic Client v5.2 for Windows is now available.

      • This patch fixes several customers issues

      - July 2009

      • Patch1 for Classic Client v5.2 for Windows is now available.

        • This patch includes the driver 4.0.7.5 for Gemalto’s PC Pinpad readers and fixes several minor issues

          - May 2009

          • Classic Client v5.2 for Windows is now available in Gold Release.

            • This version supports all the classic TPC and MDE card and integrates the following features :

              - Support of Windows Server 2008

              - Improvment of the user experience using Gemalto PinPad

              - Support of Sha-256 mechanism and of the Global Pin functionality (applet V3 only)

              - Bug fixes

              - Documentation update- February 2009 : 

              • Classic Client v5.1.8 for Mac OS 10.5 (applet v2 or v3) is available in Gold Release.

              This version supports Classic TPC cards with Classic applet V2 or V3 and includes the TokenD interface. It does not provide the classic client toolbox, only a PIN management tool.

              • Classic Client v5.1.9 for Mac OS 10.5 (applet v1) is available in Release Candidate.

              This version supports Classic TPC cards with Classic applet V1. The scope of this release is similar than for the V2orV3 version.

              • Classic Client v5.1.8 for Linux (applet v1, v2 or v3) is available in Gold Release.

              This version supports Classic TPC cards with Classic applet V1, V2 or V3.

              It supports 2 Linux Distributions : Redhat W5 and Debian Etch.

              It integrates several bug fixes by synchronisation with the latest code baseline

               
 

Technical Specifications

Software
  • RSA Public Key Cryptography
  • SSLv3 client authentication for secure web access
  • S/MIME digital signature and 40-bit encryption for secure e-mail
  • CryptoAPI-enabled for use with Microsoft applications (Internet Explorer ,Microsoft Outlook Express ...)
  • PKCS #11 (v2.01) -enabled for use with other applications (Firefox, Netscape ...)
  • Onboard key generation
  • External loading of keys and certificates
  • User Setup management: create specific user setup packages for deployment
  • Certificate management: certificate automatic registration, view, import, export and delete
  • PIN Management: PIN policy, change PIN at first use, change and unblock PIN tools
Operating Systems
  • Windows 7 32 & 64 bits,
  • Windows XP SP2 & SP3 32 & 64 bits
  • Windows Vista SP1 32 & 64 bits,
  • Windows Server 2003 R2 SP2 32 & 64 bits
  • Windows Server 2008 32 & 64 bits
  • Linux Ubuntu 10.04
  • Mac OS 10.6
Smart Cards
  • Manufactured to ISO 7816-1, -2, -3, and -4 specifications
  • Onboard RSA up to 2048-bit signature and key unwrapping
  • X.509v3 certificate storage
  • Supported Gemalto Smart Cards and Tokens: Classic TPC (with Classic v1 ,  v2 or v3 applet installed and pre-personalized) and IAS TPC (IAS ECC applet)
Card Readers
  • Support any smart card readers compliant with PC/SC and certified by the Microsoft WHQL
  • Support the Gemalto PC Pinpad secure reader
Compatibility

Overview of the compatibility with third party systems.

 

The following table lists the products that are known to be compatible with Classic Client. Other third party products relying on PKCS#11, MS-CAPI or BaseCSP interfaces should be able to access the Gemalto cards through Classic Client.

Category Product Name Versions Use Cases API
Web Browsers Internet Explorer v7 / v8 / v9 Strong authentication with SSL MS-CAPI & BaseCSP
Mozilla Firefox v3 / v4 Strong authentication with SSL, PIN change, PKCS#12 file key injection PKCS#11
Google Chrome v9 / v13 Strong authentication with SSL PKCS#11 & BaseCSP
Safari v4 Strong authentication with SSL Token D
Emails Microsoft Outlook 2003 SP1 / 2007 / 2010 Email signature & Encryption MS-CAPI & BaseCSP
Mozilla Thunderbird v2 / v3 Email signature & Encryption PKCS#11
Mac Mail v4 Email signature & Encryption Token D
Certification Authorities Microsoft Windows CA 2003 / 2008 Certificate enrolment and renewal MS-CAPI & BaseCSP
Card Management Systems Microsoft ILM / FIM 2007 / 2010 Certificate issuance & management MS-CAPI / PKCS#11
Opentrust SCM v4 Certificate issuance & management PKCS#11
Intecede MyID v8 SP1 / SP2 Certificate issuance & management MS-CAPI / PKCS#11
Thin client and remote access Microsoft Terminal Services Server 2003    Server 2008 Smart card logon MS-CAPI & BaseCSP
Citrix Presentation Server v4.5 on Server 2003 Smart card logon MS-CAPI
Citrix Xenapp Server v5 on Server 2008  v6 on Server 2008 R2 Smart card logon MS-CAPI & BaseCSP
Office tools Microsoft Office 2003 SP1 / 2007 / 2010 Documents Signature & Encryption MS-CAPI
Adobe Acrobat v9 Document Signature & Encryption PKCS#11 & BaseCSP
Gemalto eSigner v3 / v4 Document Signature PKCS#11
OpenOffice Writer v3 Document Signature PKCS#11
OpenOffice Calc v3 Document Signature PKCS#11
NeoOffice Writter v3 Document Signature PKCS#11
NeoOffice Calc v3 Document Signature PKCS#11
Adobe Acrobat Reader v8 & v9 Document Signature PKCS#11 & BaseCSP
Disk encryption

 

 Safeguard Enterprise 5.35.3 (Applet V1 only) Preboot Authentication & Disk encryption PKCS#11
McAfee Endpoint Encryption build 5600 Preboot Authentication & Disk encryption PKCS#11
Windows BitLocker Drive Encryption on W7 Preboot Authentication & Disk encryption MS-CAPI & BaseCSP
WinMagic SecureDoc 4.8 Preboot Authentication & Disk encryption PKCS#11
SSO KeyChain MAC OS   Password Management Token D
Evidian ESSO   SSO PKCS#11
VPN Citrix Access Gateway   VPN PKCS#11
Cisco VPN   VPN PKCS#11
Microsoft VPN   VPN MS-CAPI
Checkpoint VPN-1   VPN PKCS#11

 

Next Steps