In a CSR, how is it proven that the key resides on a smart card (and is not
exportable)? In my understanding, the CSR is signed by the private key of
the (to be) cert itself. Thus that signature only proves that the
requester actually possesses the private half, not that the private key
resides o
On Wed, Jan 18, 2012 at 04:20:05PM -0800, Frank Cusack wrote:
> In a CSR, how is it proven that the key resides on a smart card (and is not
> exportable)? In my understanding, the CSR is signed by the private key of
> the (to be) cert itself. Thus that signature only proves that the
> requester a
On Wed, Jan 18, 2012 at 11:04 PM, Christian Hohnstaedt <
christ...@hohnstaedt.de> wrote:
> On Wed, Jan 18, 2012 at 04:20:05PM -0800, Frank Cusack wrote:
> > In a CSR, how is it proven that the key resides on a smart card (and is
> not
> > exportable)? In my understanding, the CSR is signed by the
