Peter Koch wrote: ...
OpenSwan should NOT assume that the key has the same ID as the certificate as this cannot be true for cards that have more than one certificate per key.
the pkcs11 (and pkcs15) ids are not unique ids. It is possible that there is more than one cert with a specific id (actually, all cert belonging to a specific private key should have the same id as the corresponding private key as otherwise it would be difficult to find the private key for a certificate). Cheers, Nils _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel