Hi Darren, Darren J Moffat wrote:
> I need some more time on this, I should be finished by tomorrow. > > I do how ever have one very big high level comment. > > DJM-0 > > We should port the wpa crypto code to use PKCS#11 instead. I'm not > suggesting that this is required for initial integration but I think > it would be good to do since it should actually reduce the amount of > crypto related functionality wpad needs to implement; it can probably > be done just by replacing wpa_enc.c with a version that uses PKCS#11 > instead. > > It will help we come to do WPA-Enterprise since in that case we need > to provide support for storing the private RSA key in a smartcard or > other PKCS#11 keystore. ACCEPT. I will do this after the initial integration, then I will come to do WPA-Enterprise, which will use the PKCS#11 too, maybe need KMF. > > DJM-1 usr/src/cmd/cmd-inet/usr.lib/wpad/svc-wpa > > This method script shouldn't be needed at all since it should be > possible to express all of this in the manifest without needing a > separate method script. Okay, I will try. Thanks, -- Quaker
