Blog moved to

I moved my blog from to . Why? I wanted to move away from Blogger (owne...

Thursday, May 30, 2019

Surprising request from a law firm

A few weeks ago I received this email:

Subject: [high priority] [19444663] Content Removal - SENSITIVE DATA

Dear Sir/Madam,

Our company, AXUR, represents C.......R in issues involving the violation of intellectual property and fraud on the Internet.

C.......R is the only company authorized to use the trademark and owns or licenses numerous trademark registrations worldwide, including, but not limited to the following registration number 825503736.

The trademarks, logos, words and phrases registered by C.......R shall be exclusively used by C.......R and any other use by a third party constitutes a trademark infringement.

It has come to our attention that the reported content provides related content (see attached) to the trademark without having obtained prior written authorization from C.......R . More specifically, this content disclosures SENSITIVE DATA from our client or its customer, creating a Likelihood of Confusion between the trademark and the reported content.

Furthermore, by misusing the trademark on your website, you are also diluting its use, because it weakens the ability of brand identification as a single source of research and may lead consumers to believe that there is some association between C.......R and your website.

Official Website:

Considering the violation of intellectual property rights of C.......R on your website, we kindly request that you remove all content available on the attached URL(s) which use the above mentioned trademark without having obtained prior authorization.

In order to avoid a lawsuit from a federal court, please, send confirmation that this email was received along with your guarantee to comply with the requests reported above.

Under penalty of perjury, we affirm that AXUR is authorized to act on behalf of the C.......R and this notification is in accordance with International Regulations of Internet and Intellectual Property Offices.

Should you require further information or should you prefer to discuss this issue, please do not hesitate to contact us through the e-mail address listed on the signature of this message.


Legal Team


I replaced the real trademark by "C.......R" to avoid receiving a new email asking to remove this blog article :-)

I also received the same email but with a different subject "[high priority] [19444667] Content Removal" for the same list but with a different URL:


I updated the list of ATR to remove any mention of "C.......R".

I asked confirmation from that the ATR list was OK now. I got no answer.

I also wrote them I would blog about it and got no answer as well.

Wednesday, May 22, 2019

pam_pkcs11: new version 0.6.11


From the project wiki page:
This Linux-PAM login module allows a X.509 certificate based user login. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users’ certificates, locally stored CA certificates as well as either online or locally accessible CRLs are used.

The idea is to use a smart card and its corresponding PKCS#11 library to login (and more) into a GNU/Linux system.


22 May 2019
  • Version 0.6.11
  • Support OpenSSL 1.1.0
  • use green instead of blue text for logs on the console
  • Solaris runs build process outside of srcdir
  • Fix openssh_mapper_match_keys() for OpenSSL 1.0 & 1.1
  • Fix 64-bit pkcs11_inspect(1) fails on SPARC with a SIBGUS due to misaligned access
  • Add support of ECDSA signature in addition to RSA


Download the .tar.gz archive from

The .tar.gz or .zip files available from github are not complete (the ./configure script is missing for example)


In a previous blog article "pam_pkcs11: new/last version 0.6.9" (3 years ago) I wrote that it was my last release of pam_pkcs11.
  1. But I had to work on a problem related to the use of pam_pkcs11.
  2. I discovered that the version 0.6.10 (released by Paul Wolneykien, thanks) was not available in Debian.
  3. I decided to upgrade the Debian package.
  4. But version 0.6.10 broke support of OpenSSL 1.1.0 and the build for Debian failed.
  5. So I had to fix that and decided to also merge submitted patches and fix other reported bugs.
That is why you now have a new version of pam_pkcs11.