Scute: feature request: Support CKA_TRUSTED attribute on X.509 certs

Simon Josefsson simon at
Mon Apr 23 11:35:08 CEST 2007

Werner Koch <wk at> writes:

> On Sun, 22 Apr 2007 13:45, simon at said:
>> My intention is to use the CKA_TRUSTED, or possibly the
>> CKA_CERTIFICATE_CATEGORY, attributes to decide whether to treat a
>> certificate as a trusted certificate by GnuTLS.  Is that a bad idea,
>> or would implementing those attributes in Scute be a good idea?
> A good one.  Marcus, can you please look after it?

Thanks.  Btw, do you know what the best way to find out which
certificate correspond to a private key?  Using the key id seems
somewhat fragile, but it is what I'll use unless I learn of a better


More information about the Gnupg-devel mailing list