ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] Fingerprint schemes versus what to fingerprint

2016-04-11 14:51:42
from [Derek Atkins] [Permanent Link] 
Hi,

On Mon, April 11, 2016 3:42 pm, Peter Gutmann wrote:

Derek Atkins <derek(_at_)ihtfp(_dot_)com> writes:


More specifically:  when you have your card generate your key material,
you
pull off the public key and then generate your public key, compute your
fingerprint data (including OpenPGP metadata), and also create secring
data
that contains whatever PKCS#11 reference data you need to re-access that
key.
Later when you use that card/key you know how to reference it.


Where do you store all this stuff?  PKCS #11 doesn't provide a means of
storing it, you can search by something like the public key or
issuerAndSerialNumber, but not by hash-of-the-public-key-and-nonce.


Like I said, you put it into your secring.skr file.


Peter.


-derek
-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] [FORGED] RE: [FORGED] RE: Fingerprint schemes versus what to fingerprint, Peter Gutmann
Next by Date:  Re: [openpgp] [FORGED] RE: Fingerprint schemes versus what to fingerprint, Peter Gutmann
Previous by Thread:  Re: [openpgp] [FORGED] RE: [FORGED] RE: Fingerprint schemes versus what to fingerprint, Peter Gutmann
Next by Thread:  Re: [openpgp] [FORGED] RE: Fingerprint schemes versus what to fingerprint, Peter Gutmann
Indexes:  [Date] [Thread] [Top] [All Lists]