Support for PKCS cryptocards..
Pekka Savola
pekkas at netcore.fi
Sat Dec 1 03:37:30 EST 2001
On Sat, 24 Nov 2001, Markus Friedl wrote:
> On Sat, Nov 24, 2001 at 10:12:18AM +0200, Pekka Savola wrote:
> > Hello all,
> >
> > You may find this interesting:
> >
> > http://jemmari.tky.hut.fi/sc/
> >
> > Here in Finland, we have cryptocards which have a PKCS#15 interface. They
> > already have RSA keys stored in them, and can be used in various
> > applications. I'm sure they're getting more common elsewhere too.
>
> but you don't wan't to reuse keys?
Sorry for the delay, I forgot to answer this message.
The card has a static keypair that cannot be removed; the private key
cannot be read. In that context, if you want to replace the keys, or
substitute the key with your current one, it's impossible.
However, most cards have free memory for storing additional keys,
certificates etc., so if you're so inclined, you might be able to use
those more flexibly. Nothing prevents from reading the private key
though.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
More information about the openssh-unix-dev
mailing list