[openssl-dev] Ubsec and Chil engines
Richard Levitte
levitte at openssl.org
Mon Feb 22 15:00:34 UTC 2016
In message <347004c001fd430aadadceac908e68a2 at ustx2ex-dag1mb1.msg.corp.akamai.com> on Mon, 22 Feb 2016 14:46:28 +0000, "Salz, Rich" <rsalz at akamai.com> said:
rsalz> > If we integrate the support natively into OpenSSL, then PKCS#11 URIs (see
rsalz> > RFC7512) can be first-class citizens throughout the crypto and SSL APIs. Any
rsalz> > function which takes a filename for a cert or key should also accept¹ a
rsalz> > PKCS#11 URI.
rsalz>
rsalz> It'd be great to see a crypto/pkcs11 directory with full native support (as much as possible).
rsalz>
rsalz> But really doubtful to happen in 1.1 as the API freeze is in a month.
Yeah, 1.1 is unrealistic, I'm sorry to say.
--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-dev
mailing list