Derek Atkins <derek(_at_)ihtfp(_dot_)com> writes:
Are you expecting this would work in a vacuum? I.e., would you expect that
you can take your OpenPGP smart card to a fresh system on which you've never
used OpenPGP ever and be able to plug in that smart card and have it be able
to sign a document?
I'm not sure what OpenPGP cards have to do with this, since I'm talking about
PKCS #11. I can use a PKCS #11 device with X.509, with S/MIME, with TLS, with
SSH, with IKE, and quite probably with a number of other, lesser-known
Internet security protocols. The one significant one I can't use it with is
PGP.
Is this a real use case?
Yes, see above.
It depends. If I've got an X509 cert I can convert that to an OpenPGP cert,
and all the appropriate metadata is there.
You still can't use it with PKCS #11.
Peter.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp