Le mardi 26 avril 2011 à 22:28 +0300, Martin Paljak a écrit :
>
>
> Anyway, I see what you're referring to and some of the practical
> possibilities are:
> a) Better documentation (in pkcs15-tool man page, wiki, etc) about
> what is going on in the context of pkcs15-tool and different options.
> d) Better documentation and adding something like
> "--list-all-public-keys" to pkcs15-tool, to provide a combined list of
> "native" public keys and ones from certificates.
> c) Remove the "read public key from certificate" convenience function
> to reduce such confusion
> d) Moving the "create public key objects from certificates" routine
> to libopensc core, creating public key objects on the fly (How to
> differentiate them on PKCS#15 level?)
> e) Improving pkcs15-init so that it would create a public key file
> when importing certificates (what will happen with different
> certificates against the same key? This would also waste EEPROM space)
>
> I could do a) or c), maybe also b) myself, anything else would require
> a patch from somebody else.
Thanks a lot anyone for your explanations. In fact, b) sounds fine as it
would allow casual users to quickly list all public keys.
And sorry if I did not use derive with its real meaning. Thanks for the
explanation about "read public key from certificate". Please don't
remove this feature.
Kind regards,
--
Jean-Michel Pouré - Gooze - http://www.gooze.eu
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
