[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnutls-dev] GnuTLS PKCS#11 Engine

From: Alon Bar-Lev
Subject: Re: [gnutls-dev] GnuTLS PKCS#11 Engine
Date: Mon, 14 May 2007 10:35:52 +0300

On 5/14/07, Simon Josefsson <address@hidden> wrote:
"Alon Bar-Lev" <address@hidden> writes:

> An initial version of gnugls-pkcs11 is available for testing.
> It should provide a simple API to access PKCS#11 cryptographic tokens.

Cool!  I'm able to authenticate to the test server using
my brand new Swedish NIDEL ID card using the OpenSC PKCS#11 provider.

Please try Scute... I've never tried it before... It should use
protected authentication, it means that the program should not ask you
for PIN but the gnupg pinentry should pop up.

Some questions:

1. Do you have any comments regarding the API?

2. Do you want me to add the gnutls interface to pkcs11-helper (as in
OpenSSL case) or leave it as a separate module?

3. Do you think there is advantage of creating subset API of
pkcs11-helper available (current state), or have the developer access
pkcs11-helper directly and provide some utilities for GnuTLS
environment (as in OpenSSL case).

Pkcs11-helper needs the following patch to compile configured with

./configure --without-crypto-engine-openssl --disable-openssl


Oops... Long time since I tried GnuTLS only... :)

Best Regards,
Alon Bar-Lev.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]