Daniel Kahn Gillmor <[email protected]> writes: > On 03/05/2009 11:01 AM, Jonathan Manktelow wrote: >> Hi, Is there any support for using certificates on smartcards with Gnutls? > > No, there does not appear to be. I think it could be very useful to > support private keys from smartcards in GnuTLS, but it would perhaps be > even more useful to have generic out-of-process private key handling > (like ssh-agent from OpenSSH does) so that developers could implement a > smartcard-capable private key backend directly as a plugin.
Yes. Using the callback I mentioned, I think it should be possible to implement a small library that talks to SeaHorse or similar to provide this functionality. > This is a counterpoint to the idea of an external certificate validation > agent, which was at one point fleshed out here: > > http://redmine.josefsson.org/wiki/gnutls/GnuTLSExternalValidation > > but that page seems to currently give a 404 error (Simon, the whole > redmine instance seems to be gone -- is this something you already know > about?) Yes, for some reason the performance of ruby/redmine made the host really slow so I had to disable it. What we need is just some wiki space to work on ideas like this... I don't have sysadmin resources to keep redmine running, so help here would be appreciated. /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
