On Tue, 2016-12-13 at 16:49 -0800, James Bottomley wrote:
>
> So the proposal is to have a TPM-specific value for PrivateKeyAlgorithm
> (which would have to be proposed as an OID) and use PrivateKeyInfo for
> the key? That could be made to work.
Right.
> The slight fly in the ointment that's
On Wed, 2016-12-14 at 06:58 -0800, James Bottomley wrote:
> > Hm, this seems odd. If something is stored in a file then exposing it
> > through PKCS#11 doesn't make sense at all. Do not attempt to use
> > PKCS#11 for any file access.
>
> OK, so the horse has already left the stable on that one
On Wed, 2016-12-14 at 17:05 +, David Woodhouse wrote:
> On Wed, 2016-12-14 at 06:58 -0800, James Bottomley wrote:
> > > Hm, this seems odd. If something is stored in a file then
> > > exposing it through PKCS#11 doesn't make sense at all. Do not
> > > attempt to use PKCS#11 for any file
On Wed, 2016-12-14 at 18:03 -0500, James Bottomley wrote:
> > I think we're talking about two different things. What I mean is that
> > a given application shall never have to deal with files and PKCS#11
> > for a given single object.
>
> Sure (as in I thought that went without saying).
If
On Wed, 2016-12-14 at 09:07 +, David Woodhouse wrote:
> On Tue, 2016-12-13 at 16:49 -0800, James Bottomley wrote:
> >
> > So the proposal is to have a TPM-specific value for
> > PrivateKeyAlgorithm (which would have to be proposed as an OID) and
> > use PrivateKeyInfo for the key? That