OpenSSH PKCS#11merge
Alon Bar-Lev
alon.barlev at gmail.com
Sun Nov 11 06:43:52 EST 2007
Peter,
I am looking forward to continue working with you...
Best Regards,
Alon Bar-Lev.
On 10/14/07, Alon Bar-Lev <alon.barlev at gmail.com> wrote:
> On 10/14/07, Peter Stuge <stuge-openssh-unix-dev at cdy.org> wrote:
> > Hi,
> >
> > On Sat, Oct 13, 2007 at 06:13:22PM +0200, Alon Bar-Lev wrote:
> > > I will be happy to continue working with you on this one... I hope
> > > you did not give up :)
> >
> > Not given up, just no free time. Your previous message is still in my
> > inbox, waiting for a reply. :\
>
> Oh!
> That's good.
>
> > > The major issue I need to know:
> > > a. Do you think the agent protocol should be modified, as per my
> > > explanation?
> >
> > Short answer: No
>
> Well... I will wait for your long answer, as this is the most
> important issue and we need to make sure we understand how to
> continue...
>
> > > c. Do you think the utility that shows available PKCS#11 ids be
> > > part of ssh-add or separate utility?
> >
> > Hm, maybe separate? But I read between the lines that you weren't
> > planning on implementing p11 support in ssh without the agent?
>
> I haven't done this because it is harder to maintain an external patch
> with too much upstream modifications. If we going to merge it should
> agentless mode should also be supported (The same as current OpenSC
> specific implementation).
>
> > > d. I need allocation of options (short parameter names) for PKCS#11
> > > options.
> >
> > This is another good reason to investigate upstream attitude towards
> > p11. After all, portable OpenSSH is just a derivative.
>
> OK. I will wait for a reply regarding this.
>
> I will have some more patience... :)
>
> Best Regards,
> Alon Bar-Lev.
>
More information about the openssh-unix-dev
mailing list