[Help-gnutls] Gnutls Smartcard support?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Mar 5 17:14:07 CET 2009


On 03/05/2009 11:01 AM, Jonathan Manktelow wrote:
> Hi, Is there any support for using certificates on smartcards with Gnutls?

No, there does not appear to be.  I think it could be very useful to
support private keys from smartcards in GnuTLS, but it would perhaps be
even more useful to have generic out-of-process private key handling
(like ssh-agent from OpenSSH does) so that developers could implement a
smartcard-capable private key backend directly as a plugin.

This is a counterpoint to the idea of an external certificate validation
agent, which was at one point fleshed out here:

 http://redmine.josefsson.org/wiki/gnutls/GnuTLSExternalValidation

but that page seems to currently give a 404 error (Simon, the whole
redmine instance seems to be gone -- is this something you already know
about?)

Jonathan, do you have a specific smartcard that you would like to support?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090305/d707c106/attachment.pgp>


More information about the Gnutls-help mailing list