openpgp -> pkcs #11

Werner Koch wk at gnupg.org
Mon Jan 6 12:40:21 CET 2014


On Sun,  5 Jan 2014 16:20, nmav at gnutls.org said:

> If you are referring to the openpgp card opensc driver, it is really far

I mean www.scute.org - there is a Debian package for it:

 OpenPGP smartcard plugin for Mozilla Network Security Services Scute is
 a PKCS #11 implementation for the GnuPG Agent using the GnuPG Smart
 Card Daemon which enables you to use your OpenPGP smart card for client
 authentication with SSL in Mozilla.

> Indeed it is, but it is not much more than other security-related
> standards (see X.509 and PKIX). Nevertheless, a card or a module needs

No, it is very different from that.  PKIX is a protocol description and
not an API description.

> mainly by free software (NSS is fully using PKCS #11, gnutls uses it for

Because NSS used to be a proprietary way longer than Mozilla.

> such as the openpgp card to integrate seamlessly in all that software.

Use Scute and add the missing parts (encryption) ;-)


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-devel mailing list