Le mardi 26 avril 2011 à 22:28 +0300, Martin Paljak a écrit : > > > Anyway, I see what you're referring to and some of the practical > possibilities are: > a) Better documentation (in pkcs15-tool man page, wiki, etc) about > what is going on in the context of pkcs15-tool and different options. > d) Better documentation and adding something like > "--list-all-public-keys" to pkcs15-tool, to provide a combined list of > "native" public keys and ones from certificates. > c) Remove the "read public key from certificate" convenience function > to reduce such confusion > d) Moving the "create public key objects from certificates" routine > to libopensc core, creating public key objects on the fly (How to > differentiate them on PKCS#15 level?) > e) Improving pkcs15-init so that it would create a public key file > when importing certificates (what will happen with different > certificates against the same key? This would also waste EEPROM space) > > I could do a) or c), maybe also b) myself, anything else would require > a patch from somebody else.
Thanks a lot anyone for your explanations. In fact, b) sounds fine as it would allow casual users to quickly list all public keys. And sorry if I did not use derive with its real meaning. Thanks for the explanation about "read public key from certificate". Please don't remove this feature. Kind regards, -- Jean-Michel Pouré - Gooze - http://www.gooze.eu _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel