Quoting Patrick Richard <[EMAIL PROTECTED]>: > [...] some providers are providing CAPI and P11 > _some_ are just P11. Whilst accerlerators in CAPI is simple, it is less > common to _not_ have P11 with HSMs, no ? > > So what I was getting at, are there any xmlsec -> CAPI - whith HSMs that > we had success with ? (P-11 underneath I am happy too).
Well, I didn't understand your formulation. Many accelerator have an openssl driver, and there is some pkcs#11 patch for openssl, so you will probably have more success going in that direction. > What I am wanting to do is use HSMs with xmlsec without too many > 'external' initializers etc.. First I need to know it works at all, > which it seems to (via CAPI, whatever is underneath it doesn't care). I have here code that works perfectly with the software implementation of CAPI but has difficulties with at least one model of hardware token. This is what I refered to in my last message. _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
