[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] PKCS#11 Object Uniqueness error codes
On 15/07/2014 2:54 AM, Oscar So wrote: > The uniqueness can only be applied to a set of defined domains or a > centralized server that generates CKA_ID and all application must go > through this server. > For example, the CKA_ID can only be guaranteed to be unique within > these 3 servers. > > Currently, one CKA_ID is tied to all of the below objects: > CKO_PUBLIC_KEY > CKO_PRIVATE_KEY > CKO_CERTIFICATE > CKO_PASSWORD > So, a new attribute, CKA_UUID (or something), seems to be a good idea > which identify every CKO_* object uniquely. > > This is for PKCS #11 v3.00 Actually that sort of change could be added into a v2.41 if we wanted to do so. There is nothing as yet which commits to moving straight to a v3.0 - and the list of items for v3.0 are somewhat broad so the time frame is unclear (to me at least). BTW I assume CKO_PASSWORD is a vendor specific extension of yours or a typo or did you mean CKO_SECRET_KEY? Tim.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]