Hello,
On Jun 10, 2011, at 19:46 , webmas...@opensc-project.org wrote: > pkcs11: framework-pkcs15: OpenSC specific 'non-repudiation' cryptoki > attribute ... > > In PKCS#11 there is no CKA_ attribute dedicated to the NON-REPUDIATION flag. > We need this flag in PKCS#15/libopensc to make dinstinction between > 'signature' and 'qualified signature' key slots. Why? PKCS#11 is an API for accessing cryptographic hardware. From that perspective (and from API perspective) there's no difference if a signature is "qualified" or "not qualified". Applications that deal with qualified signatures usually depend on certain certificates (and their properties). I would leave the task for the application to figure out instead of inventing nonstandard extensions. -- @MartinPaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
