[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A PKI Question: PKCS11-> PKCS12

To: ietf-pkix@xxxxxxx, raghavh@xxxxxxxxxxxxxxx
Subject: Re: A PKI Question: PKCS11-> PKCS12
From: pgut001@xxxxxxxxxxxxxxxxx (Peter Gutmann)
Date: Wed, 28 Nov 2001 19:57:45 +1300 (NZDT)
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

"RAGHAVENDRAN H. (SSG) - CTD, Chennai." <raghavh@xxxxxxxxxxxxxxx> writes:

>Myself and my friend had an discussion in which he says that when I put a
>private key/certificate pair into a smart card device (such as GPK 4000), it
>is impossible to read the information and create a PKCS12 file (disk based)
>out of it.
>
>I find it mighty strange. For example, I might want to swap my certificate/key
>pair from one smart card to another and I might want to do it via the PKCS12
>format.

Just out of interest (for a paper I'm working on), why do you want to move the
private key around?  There seems to be an amazing demand for this, with reasons
ranging from logical ("We're experimenting with the technology and want to move
keys around different systems for testing") through to the questionable ("We
want to share the same key across all our servers") through to the bizarre ("We
don't know, we just need to do it").  I'd be interested in hearing any other
reasons people have heard for moving keys around (apart from obvious ones like
key backup).

Peter.

Prev by Date: Re: draft-yoon-pkix-wireless-internet-00.txt
Next by Date: I-D ACTION:draft-ietf-pkix-rfc2510bis-05.txt
Previous by thread: RE: A PKI Question: PKCS11-> PKCS12
Next by thread: RE: A PKI Question: PKCS11-> PKCS12
Index(es):
- Date
- Thread