PKCS #11 + gnutls
Christian Hilberg
hilberg at kernelconcepts.de
Fri Mar 25 10:34:49 CET 2011
On Thu 24 March 2011, Nikos Mavrogiannopoulos wrote:
> Hello,
>
> The just-released gnutls 2.12.0 includes support for security
> modules such as smart-cards via the PKCS #11 API. More
> details are available at:
> http://www.gnu.org/software/gnutls/manual/html_node/PKCS-_002311-tokens.htm
> l#PKCS-_002311-tokens
>
> It should be noted however that PKCS #11 is an old
> API with few problems. If you expect the PKCS #11 modules
> to be used by multiple crypto libraries, we suggest that you
> use the intermediate module p11-kit. It is available at:
> http://p11-glue.freedesktop.org/
Aside from p11-kit, has GnuTLS PKCS #11 been tried with the OpenCryptoki [1] /
Trousers [2] stack (or glue, whichever wording is more appropriate)? I'm
asking just out of curiosity as we're using OpenCryptoki/Trousers and NSS
presently, since there had not been PKCS #11 support in GnuTLS when we started
out with our project [3], which could also profit from the now-available PKCS
#11 support in GnuTLS.
Kind regards,
Christian
[1] http://sourceforge.net/projects/opencryptoki/
[2] http://trousers.sourceforge.net/
[3] https://sourceforge.net/projects/evolution-kolab/
--
kernel concepts GbR Tel: +49-271-771091-14
Sieghuetter Hauptweg 48
D-57072 Siegen
http://www.kernelconcepts.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110325/8bb05b05/attachment.pgp>
More information about the Gnutls-devel
mailing list