On Sun, 2010-07-18 at 08:46 -0500, Stef Walter wrote:
> Well in GNOME we're implementing a foundation for usable crypto based
> around PKCS#11.
From a user point issue, it seems that Gnome Keyring manages different
types of keyrings: password, OpenPGP and OpenSSH. It has also limited
suport for PKCS#11. On my laptop , it already works with Evolution mail
reader.
My guess would be that PKCS#11 be available in Seahorse, so that users
realize that they can use token or smartcards. Also, it would be nice to
be able to generate RSA keypairs and X.509 certificates on card or
outside the card. OpenSSL and pkcs15-tool commands are tedious for
end-users and we need the help of a GUI. Seahorse should be that GUI.
Then IMHO Gnome Keyring should advertise for available keyrings. It is
the job of applications to pick-up the keyrings they needs. Is there any
difference with your design?
In Nautilus, it is interesting to be able to encrypt any file on demand
using a right click. For example, I store the PNG images of my identity
card and passport (the paper version) in GPG. This is easier than using
PKCS commands to encrypt a file.
Could you tell us more of your plans before your talk?
Also as explained in a private email, do not hesitate to ask for free
smartcards if this can helpful for your project. Gooze will make its
best efforts to support you.
Kind regards,
--
Jean-Michel Pouré - Gooze - http://www.gooze.eu
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
