PKCS#11 support for gpg-agent

Alon Bar-Lev alon.barlev at
Fri Sep 2 19:08:37 CEST 2005


>>But it does not say that GPLed software cannot use PKCS#11 interface
>>in order to access none GPLed tokens!
> Read the GPL again and you will see that this is not possible.

I have... and did not find the place.
Can you please refer me to the exact item where you find the 

>>I am sorry to read that... I think it is a good standard... Just like
>>any RSA Security
>>PKCS#* standard... at least it is a standard that most programmers
> like PKCS#12 :-)
>>I don't understand why you guys did not rewritten the PKCS#7, PKCS#1,
>>PKCS#8, PKCS#9
> pkcs#7 is nowadays called CMS.  It is used by gpgsm.  pkcs#1 is even
> part of OpenPGP.

Well... so what is the problem of using PKCS#11 why can you 
use all the other PKCS#* and cannot use PKCS#11?

>>The whole new work of gpg 1.9 was to migrate to S/MIME... Why!?!?!?!
>>You could have been very happy in your close PGP format world.
>>Even if the standards are ugly, they at least work!
> Depends on the standard.

Well, PKCS#11 works for everyone... except for you guys...

>>I am responsible of replacing software/suggest correct software for
>>using smartcards.
>>Currently gpg is on my black list... And because of this I tried to
> As said in my other mail to gnupg-devel: If you have a commercial
> interest. talk to me about implementing pcsk#11 - but don't expect to
> get something for free.  I have laid out the path on how to implement
> a pkcs#11 library to make use of gpg-agent/scdaemon as a token.  It is
> also possible to write a pkcs#11 thingy for just that card.

I don't have a commercial interest, I just want to help... 
Lately I've tried to use gpg to encrypt some of my stuff, and 
found the proprietary requirements... So I searched and 
searched... and read the gpg-agent source, I could not believe 
that you invent the wheel!
And here we are...

>>>I don't meant to write another agent.  Write a pkcs#11 driver which
>>>uses gpg-agent as its token.
>>This is the WRONG WRONG WRONG approach!!!!!!!
> Well, my opinion is different.

When I understood that I've promised not to bother you again... :)

Best Regards,
Alon Bar-Lev.

More information about the Gnupg-users mailing list