On 20.6.2014 20:23, Simo Sorce wrote:
On Fri, 2014-06-20 at 20:04 +0200, Petr Spacek wrote:
can these two ever hold a different value ?
ie a privatekey be FALSE and a publickey be TRUE ?
If not I suggest you do not add this attribute at all and assume their
+1, we can use default values for most, if not all of the boolean flag
attributes. Personally, I would try to avoid using ipk11 attributes
until the PKCS#11 module is designed/implemented.
(btw I forgot what's the point of that attribute)
When it is true, a user may not access the object until the user has
been authenticated to the token (what PKCS#11 spec says).
Freeipa-devel mailing list