Hello, If you look at the Musclecard Protocol definition - there is a figure which shows the 35,000 foot picture of the architecture:
Applications CDSA / PKCS-11 MuscleCard framework PC/SC Drivers Cryptographic Device in that order. Like the network stack it is necessary not to have too large of a plug-in stack. If each card had to have it's own PKCS-11 module, it would be difficult to ensure interoperability and quite cumbersome to write CSP's for cards. Consider MuscleCard framework for smartcard specific applications, and one layer below PKCS-11 or CDSA. Applications need the PKCS-11 or CDSA architecture to manage things like CA's, certificate handling, etc. The MuscleCard API is well capable of handling cards like the Finnish ID PKCS-15 card with the right plug-in. Even if it wasn't it could still fit at the PKCS-11 layer. At the Musclecard layer you are more worried about containers than certificates, Certs are stored as objects, keys are unwrapped and stored as keys, pins as pins, etc. Dave *************************************************************** Unix Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/ To unsubscribe send an email to [EMAIL PROTECTED] with unsubscribe sclinux ***************************************************************
