|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Muscle] Some questions about PKCS#15
From: David Corcoran (corcoran
musclecard.com)
Date: Tue Feb 08 2005 - 08:42:54 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
I'd have to look closer at the 7816-15 documentation to specifically
answer your questions, but overall, I think there is no reason why you
cannot implement the core -15 components and attributes and extend that
model.
You might put all proprietary extensions outside of the core -15
objects (which would more or less guarantee you would not have parsing
issues since other -15 implementations would not address that).
We've done a few -15 implementations and it seems that each time we define
a simple core subset of -15 that is mandatory. PKCS#15/7816-15 is like a
toolbox and everyone defines what tools they use. I would really like to
see a standard implementation guidance on minimum -15 structures needed
for interoperability for PKI on smart cards.
If I had to guess it would include:
Label
Path
Identifier (hash of the public modulus)
as the core attributes for each object, beyond that there might be a
couple more specifically for keys / certs:
KeyUsage
...
I'll look into this more when I return ....
Thanks,
Dave
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]