Re: gnome-keyring PKCS#11 config file /etc/xdg/pkcs11.conf[.defaults]

From: Nikos Mavrogiannopoulos <n mavrogiannopoulos gmail com>
To: Stef Walter <stefw collabora co uk>
Cc: Dan Winship <danw gnome org>, "gnome-keyring-list gnome org" <gnome-keyring-list gnome org>
Subject: Re: gnome-keyring PKCS#11 config file /etc/xdg/pkcs11.conf[.defaults]
Date: Wed, 22 Dec 2010 19:03:05 +0100

On Wed, Dec 22, 2010 at 5:26 PM, Stef Walter <stefw collabora co uk> wrote:

> So to do that we have a config file which consists of:
> /etc/xdg/pkcs11.conf.defaults
> /etc/xdg/pkcs11.conf
> The second one is loaded after the first and overrides the first. These
> are XDG desktop files (ie: used with the GKeyFile API). /etc/xdg is the
> standard directory for system-wide desktop configuration.

What is the format and contents of those files? If they are intended to be
broadly used, I think the format should be kept as simple. If you have
any suggestion on that, let me know to include it in the fosdem talk
as a discussion point.

> In the files we use PKCS#11 URIs [4] to identify which slots to use for
> what. One problem is that there is no way to specify the module file
> name in a PKCS#11 URI. This prevents us from an airtight identification
> of the relevant PKCS#11 slot. I'll bring this up to the PKCS#11 URI authors.

Actually the -03 version of pkcs11url can specify the module. We use it already
in gnutls to specify precisely an object. The options referring to library are:
library-manufacturer, library-description and even library-version...
Unless I didn't get what is meant by library.

regards,
Nikos

Follow-Ups:
- Re: gnome-keyring PKCS#11 config file /etc/xdg/pkcs11.conf[.defaults]
  - From: Stef Walter

References:
- gnome-keyring PKCS#11 config file /etc/xdg/pkcs11.conf[.defaults]
  - From: Stef Walter

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]