Jan Pechanec wrote:
> On Thu, 14 Aug 2008, Jan Pechanec wrote:
>
>
>>> Thank you for your clarifications, which were pretty much as I expected. My
>>> only question relates to your answer to the question about key management...
>>> are you saying you believe in the future you can add use of an alternate key
>>> store using the OpenSSL library? (That seems moderately surprising to me.
>>> And
>>> I recognize its "not this project".)
>>>
>> there is a patch to our PKCS#11 engine code that adds support for
>> accessing RSA keys by reference (label). I think we need to contact OpenSSL
>> team about extending the ENGINE API before we could start using it from
>> other applications, and integrate that new engine code into Solaris.
>>
>
> forgot to mention that there is also "6479874 OpenSSL should support
> key by reference/hardware keystores" that discusses the issue. J.
>
>
Thanks for the clarification. Yeah, it would be cool if OpenSSL could
do this.
-- Garrett
