[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] pkcs11-global-objects.docx: CKA_GLOBAL
On 7/3/2013 6:06 PM, Oscar K So Jr.
wrote:
Thanks Michael. No. It won't. When you initialize zeroize a token, the previous seal keys are thrown away and any key material sealed by that seal key is no better than random bits. When you re-initialize the token, you generate a new seal key - which basically CAN'T unwrap the previously sealed keys. That explanation is with the description of what seal keys are - pkcs11-global-objects.docx - on the pkcs11 doc store. Mike |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]