gnutls-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] RFC: PKCS#11 plans

From: Nate Nielsen
Subject: Re: [gnutls-dev] RFC: PKCS#11 plans
Date: Tue, 24 Apr 2007 15:23:36 +0000 (UTC)
User-agent: Thunderbird 1.5.0.10 (X11/20070403) 
Simon Josefsson wrote:
> Serializing PKCS#11 is not simple, and I don't know if anyone has done
> this before.  Further, the serialization of PKCS#11 doesn't have to be
> exactly mapped to the PKCS#11 API, it only have to support the same
> things that PKCS#11 support.

Yes, it's certainly not simple.

gnome-keyring-cryptoki is serializing same of the PKCS#11 calls for
communication with its daemon. It's similar to  how a smart card driver
might send requests to its hardware component.

I would recommend that any such serialization remain an internal API
rather than trying to spec it out. As Alon is saying, implement PKCS#11
as the 'spec' or supported API, and then a certain PKCS#11 driver could
choose to serialize requests to a daemon (much as a smart card driver
would internally serialize or process requests).

Cheers,
Nate
reply via email to
[Prev in Thread] Current Thread [Next in Thread]