PKCS#11 support for gpg-agent
Werner Koch
wk at gnupg.org
Fri Sep 2 17:56:30 CEST 2005
On Fri, 02 Sep 2005 15:30:29 +0300, Alon Bar-Lev said:
>> Most pkcs#11 stuff is not GPL compatible.
>>
> But it does not say that GPLed software cannot use PKCS#11 interface
> in order to access none GPLed tokens!
Read the GPL again and you will see that this is not possible.
> I am sorry to read that... I think it is a good standard... Just like
> any RSA Security
> PKCS#* standard... at least it is a standard that most programmers
like PKCS#12 :-)
> I don't understand why you guys did not rewritten the PKCS#7, PKCS#1,
> PKCS#8, PKCS#9
pkcs#7 is nowadays called CMS. It is used by gpgsm. pkcs#1 is even
part of OpenPGP.
> The whole new work of gpg 1.9 was to migrate to S/MIME... Why!?!?!?!
> You could have been very happy in your close PGP format world.
> Even if the standards are ugly, they at least work!
Depends on the standard.
> I am responsible of replacing software/suggest correct software for
> using smartcards.
> Currently gpg is on my black list... And because of this I tried to
As said in my other mail to gnupg-devel: If you have a commercial
interest. talk to me about implementing pcsk#11 - but don't expect to
get something for free. I have laid out the path on how to implement
a pkcs#11 library to make use of gpg-agent/scdaemon as a token. It is
also possible to write a pkcs#11 thingy for just that card.
>> I don't meant to write another agent. Write a pkcs#11 driver which
>> uses gpg-agent as its token.
>>
>>
> This is the WRONG WRONG WRONG approach!!!!!!!
Well, my opinion is different.
Salam-Shalom,
Werner
More information about the Gnupg-users
mailing list