Hello, It is not the first time as I can read the messages where you mention about pkcs#11 standard implementation. I couldn't find any information about it on www.linuxnet.com. Does really this implementation for Linux platform exist? If there is this pkcs#11 module for Muscle cards, where I can find it?
Best regards, Maria Indeeva ----- Original Message ----- From: "David Corcoran" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, December 08, 2001 6:41 PM Subject: MUSCLE Re: PKS-11 (BOUNCE) > From: Tommaso Cucinotta <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > Subject: Re: MUSCLE musclecard architecture > > Dr S N Henson wrote: > > > > I'm not sure I follow this. PKCS#11 implementations have been written > > with no certificate handling at all: that is they just blindly store > > them as an opaque blob with a set of attributes provided by the > > application. > > Just as a note: MuscleCard PKCS#11 (and other SmartSign PKCS#11) do > interpret > some of the certificate fields (i.e. to set CKA_SUBJECT). They also > extract > the public key and expose it to the app. I don't know if this is useful > at > all, as the only thing an app should look at is the cert itself (as it > is > the only signed object). > Another useful thing (that is not actually done) would be checking if > the prv key on the card matches the public one in the cert... > > > 1. The card doesn't support the full range of algorithms: say RSA only, > > no DSA or DES, 3DES. > > 2. The card is read only: you can't create or delete objects at all. > > > > These could presumably be handled by some "query capabilities" function > > or similar. Does such a thing exist under MuscleCard or would an > > application have to interpret SW_UNSUPPORTED_FEATURE return codes? > > Next release of MCardAPI and CardEdge protocol will have further > informations returned with GetStatus() command. One of the already > defined info is the crypto capability of the card, so you would answer > to question #1. "read-only" could also be another capability, we will > eventually think of it.... other capabilities that would result useful ? > > Bye, > Tommaso. > > -- > /------------------------------------------------\ > | Dr. Tommaso Cucinotta <[EMAIL PROTECTED]> | > +------------------------------------------------+ > | Scuola Superiore di Studi Universitari | > | e Perfezionamento S.Anna | > | Pisa Italy | > \------------------------------------------------/ > > *************************************************************** > Unix Smart Card Developers - M.U.S.C.L.E. > (Movement for the Use of Smart Cards in a Linux Environment) > http://www.linuxnet.com/ > To unsubscribe send an email to [EMAIL PROTECTED] with > unsubscribe sclinux > *************************************************************** *************************************************************** Unix Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/ To unsubscribe send an email to [EMAIL PROTECTED] with unsubscribe sclinux ***************************************************************
