On Sun, Jun 12, 2011 at 6:29 AM, Douglas E. Engert <deeng...@anl.gov> wrote: > The application should not depend on the flags in PKCS#15, but only depend on > the certificate or other signed objects that can be read from the card and > the ability > of the card to do the crypto.
Right. Only authenticated fields (signed by a trusted 3rd party) should be used in trust transactions. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
