Hi Alon,
have you already made progress in the implementation? I was very
interested in this since I'd like to write some non-traditional pkcs#11
module and I'd prefer to do that in python... I was wondering whether
the forwarding driver could be a good fit for this...
In more detail, instead o
On 7/2/07, Bud P. Bruegger <[EMAIL PROTECTED]> wrote:
> Hi Alon,
>
> have you already made progress in the implementation? I was very
> interested in this since I'd like to write some non-traditional pkcs#11
> module and I'd prefer to do that in python... I was wondering whether
> the forwarding
On 7/2/07, Jim Rees <[EMAIL PROTECTED]> wrote:
> We do something like this to translate kerberos tickets into cert/key usable
> from pkcs11. But it only makes sense if you have some way to convince the
> CA that it should sign the keypair and issue a cert. In our case that's
> kerberos. Otherwis
Alon Bar-Lev wrote:
> In more detail, instead of using a static, local token, I would like to
> interface the pkcs#11 to a dynamic certificate: the middleware first
> creates a keypair, sends it off to a CA that issues a certificate on
> the fly, and then presents that through the pkcs#11
There is no getting around the enrollment trust problem. Most
sensible smartcard and PKI deployments handle this via an enrollment
ceremony that involves a face-to-face component.
-- TIm
On Jul 2, 2007, at 1:59 PM, Alon Bar-Lev wrote:
On 7/2/07, Jim Rees <[EMAIL PROTECTED]> wrote:
We do s
Je serai absent(e) du 29/06/2007 au 09/07/2007.
Je répondrai à votre message dès mon retour.
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
