On Wed, 28 Apr 1999, Ben Laurie wrote:

> > and now I'm lost again. Surely the certificate only needs to be loaded (and
> > therefore the passphrase needs to be entered) *once* after Apache startup ?
> > Are you saying it has to be loaded every time the server gets a hit from a
> > browser !!???!?!
> 
> If all you do is load the private key (note, the cert is public anyway,
> so why protect it?) from the smartcard, why bother with a smartcard?

That point seems misunderstood by several people, even ones working around
smartcards...

A few weeks ago, I saw a message in a mailing list from a guy who said that
he managed to make PGP and SSH work with a smartcard. He gave a URL to get
his paper... I retrieved this paper, and the way it worked was that the
smartcard was used just like a diskette, from which the private key was
loaded... :-(

That's a VERY BAD way to do it...

-- 
Erwann ABALEA
System and Development Engineer - Certplus SA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
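
Added example, not part of the original message and not OpenSSL code: a small Python model of the two designs discussed above, a card read like a diskette at startup versus a card that performs each private-key operation itself. The card classes, function names, PIN and toy RSA key are all constructed for illustration; the card objects stand for the hardware boundary and the `memory` dicts for what the server process retains.

```python
import hashlib

# Constructed toy RSA key from two Mersenne primes (illustration only, not secure).
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def digest_int(msg: bytes) -> int:
    """Hash the message and reduce it into the toy modulus range."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def verify(msg: bytes, sig: int) -> bool:
    return pow(sig, E, N) == digest_int(msg)

class StorageCard:
    """Hypothetical card used like a diskette: the key leaves the card."""
    def __init__(self, pin):
        self._pin, self._d = pin, D
    def read_key(self, pin):
        if pin != self._pin:
            raise PermissionError("bad PIN")
        return self._d

class SigningCard:
    """Hypothetical card that signs internally; it has no export operation."""
    def __init__(self, pin):
        self._pin, self._d = pin, D
    def sign(self, pin, m: int) -> int:
        if pin != self._pin:
            raise PermissionError("bad PIN")
        return pow(m, self._d, N)

def start_server_diskette_style(card, pin):
    """Key is read once at startup and then lives in host memory."""
    memory = {"private_exponent": card.read_key(pin)}
    def sign(msg):
        return pow(digest_int(msg), memory["private_exponent"], N)
    return memory, sign

def start_server_oncard(card, pin):
    """Host keeps a handle and PIN only; every signature is a card call."""
    memory = {"card_handle": "slot0", "pin": pin}
    def sign(msg):
        return card.sign(memory["pin"], digest_int(msg))
    return memory, sign

def key_recoverable_from(memory) -> bool:
    """Model a host memory disclosure: is the private exponent in the dump?"""
    return D in memory.values()
```

In the second model a compromised host can still request signatures while the card is present, but the key cannot be copied off and used once the card is removed.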
