pkcs11 supported or not ?

[Andreas Jellinghaus]

Ah, I detect we are talking about two different things.

I don't want to use gpgme in mozilla as pkcs#11 plugin.

I want gpgme to use opensc-pkcs11.so (or libopensc.so).

> You can't use Mozilla with a GPLed library (GPGME) because Mozilla is
> not entirely GPLed due to some plugins are still MPLed.

Ok, I neither want nor need to use mozilla with gpgme.
I want apps using agypten such as kmail and mutt be able to use
smime certificates and keys stored on a smart card via opensc.

> And well, Mozilla seems to be the only GPLed (and MPLed)
> application which makes use of pkcs-11.

for the record: opensc includes a pkcs11 module, and that module
can be used by pam_opensc, mozilla, pkcs11-tool, and engine_pkcs11,
a dynamic engine loadable in openssl.

I guess the changes to any application using openssl to use the 
dynamic engine and that way the pkcs11 module will only be a few
lines of code.


but as I wrote above: I don't want gpgme as pkcs11 module.
I want gpgme to use a pkcs11 module (or opensc) :-)

> BTW, PKCS-15 support in Aegypten (aka gpg 1.9) is just an option and
> we are going to support other card applications too.

Opensc is using the pkcs#15 framework internaly. But if opensc
is used via the pkcs11 module, the application does not care 
how opensc internaly works. If gpgsm is also a pkcs#11 module,
the application still will not care, what the internals are.

isn't gpgme a software only thing? why would you want to implement
pkcs#15 internaly, I wonder? I thaught it was for smart cards only.
And it is not a very nice thing to implement :-)

I'm confused.

Cheers, Andreas