On Wed, 2016-11-23 at 17:00 +0000, Salz, Rich wrote: > > > FWIW I am perfectly content for applications *not* to automatically work > > with such keys. Making the user jump through extra hoops to use them > > would be perfectly fine in my book. > > oh I see. "Users shouldn't care, it should just work" But only for some > keys. > > Part of my I am opposed to guessing.
For me it's the other way round. Magically detecting *that* particular perfectly valid PKCS#1 RSA key is actually intended for the gem engine would indeed be guessing. It's a bizarre abuse of PKCS#1 and it doesn't seem reasonable for anyone to "guess" that without explicit direction. But for the sane and common cases of PKCS#1, PKCS#8, PKCS#12 and similar files in both DER and PEM forms, for *those* it makes sense for applications to Just Work. And it shouldn't really involve "guessing". -- dwmw2
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
