PKCS#11 support for gpg-agent
alon.barlev at gmail.com
Fri Sep 2 19:08:37 CEST 2005
>>But it does not say that GPLed software cannot use PKCS#11 interface
>>in order to access none GPLed tokens!
> Read the GPL again and you will see that this is not possible.
I have... and did not find the place.
Can you please refer me to the exact item where you find the
>>I am sorry to read that... I think it is a good standard... Just like
>>any RSA Security
>>PKCS#* standard... at least it is a standard that most programmers
> like PKCS#12 :-)
>>I don't understand why you guys did not rewritten the PKCS#7, PKCS#1,
> pkcs#7 is nowadays called CMS. It is used by gpgsm. pkcs#1 is even
> part of OpenPGP.
Well... so what is the problem of using PKCS#11 why can you
use all the other PKCS#* and cannot use PKCS#11?
>>The whole new work of gpg 1.9 was to migrate to S/MIME... Why!?!?!?!
>>You could have been very happy in your close PGP format world.
>>Even if the standards are ugly, they at least work!
> Depends on the standard.
Well, PKCS#11 works for everyone... except for you guys...
>>I am responsible of replacing software/suggest correct software for
>>Currently gpg is on my black list... And because of this I tried to
> As said in my other mail to gnupg-devel: If you have a commercial
> interest. talk to me about implementing pcsk#11 - but don't expect to
> get something for free. I have laid out the path on how to implement
> a pkcs#11 library to make use of gpg-agent/scdaemon as a token. It is
> also possible to write a pkcs#11 thingy for just that card.
I don't have a commercial interest, I just want to help...
Lately I've tried to use gpg to encrypt some of my stuff, and
found the proprietary requirements... So I searched and
searched... and read the gpg-agent source, I could not believe
that you invent the wheel!
And here we are...
>>>I don't meant to write another agent. Write a pkcs#11 driver which
>>>uses gpg-agent as its token.
>>This is the WRONG WRONG WRONG approach!!!!!!!
> Well, my opinion is different.
When I understood that I've promised not to bother you again... :)
More information about the Gnupg-users