While it may be technically feasible, Jean-Marc, it would create a
lot of confusion for users, developers and system administrators to
see a P12 file on their file-system that would not have a digital
certificate in it.

I suspect this is the primary reason why the PKCS specs have a #8
specification distinct from the #12; otherwise they would have just
recommended using #12 for all stages of the certificate issuance

Arshad Noor
StrongAuth, Inc.

Jean-Marc Desperrier wrote:

It's technically feasible (it does not break the format) to create a private key only pkcs#12,
dev-tech-crypto mailing list

Reply via email to