OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: CKM_CERTIFY_KEY plus global objects


This is not formatted as a drop in as of yet. Two parts. The first adds CKA_GLOBAL as an attribute to describe a class of objects that belong more to the implementation rather than to an initialized token. This is where a token identity key and token identity certificate would reside. I've sketched out a few global objects to explain how this might work.

Part two is the early definition of the CKM_CERTIFY_KEY mechanism which can be used by one private key to certify another private key (and its attributes) on the same token. Note that this is actually dependent on CKA_PUBLIC_KEY_INFO.

Mike

Attachment: pkcs11-global-attributes.dotx
Description: application/vnd.openxmlformats-officedocument.wordprocessingml.template



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]