Re: [pkcs11] CKA_PUBLIC_KEY_INFO

[Michael StJohns <msj@nthpermutation.com>]

On 4/11/2013 1:23 AM, Stef Walter wrote:
> On 10.04.2013 01:35, Michael StJohns wrote:
> > Attached is an edit of the appropriate sections of PKCS11 v2.30 to add
> > support for CKA_PUBLIC_KEY_INFO.
> >
> > Additions are highlighted.  Assuming this is acceptable, I'll provide
> > the appropriate edits for the public key sections to describe the
> > encoding of the public key info field in SubjectPublicKeyInfo
> Can we have this attribute on X.509 certificates as well? That would be
> a good way of detecting whether a certificate and key match
> cryptographically.

I would tend to gravitate towards no as the certificate already contains 
exactly that information.  On the other hand if you want to use it in 
the template for FindObject it may make sense.

I'm agnostic.

> In addition I'd like to use it in a trusted certificate PKCS#11 model.
>
> Cheers,
>
> Stef
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php