Self introduction

Stef Walter stefw at
Fri Dec 9 07:51:21 PST 2011

On 2011-12-07 00:52, Jaroslav Imrich wrote:
> Hello all,

Hi, good to hear from you.

> I am new to this list so please let me introduce myself first. My name
> is Jaroslav Imrich, I am from Slovakia and I've started SmartCardTools
> project [1] few months ago. There are not many information available
> about this project yet, but in general I would like to develop two apps:
> APP1. Card Management application with intuitive GUI that would allow
> anyone to manage PKCS#11 compatible devices

BTW, we've integrated some PKCS#11 management into Seahorse (the GNOME
key manager) as well, and hopefully more will come. I'm just completing
a project to get basic smart card operations working in Seahorse.

The big thing that's missing with all these solutions is of course:
initialization of smart cards :S And that's because each smart card does
it differently.

> APP2. Daemon and client library that would allow remote access for
> PKCS#11 enabled devices

gnome-keyring has a protocol in the rpc-layer code which allows
marshalling of a good deal of pkcs11 to another process. In fact
Corentin Chary has taken that code and and stripped it down into a
project called pkcs11-proxy [1].

We were thinking of including that RPC functionality in p11-kit. Is that
something that would interest you?

BTW, if you're going to do any PKCS#11 work you should take a look at
p11-kit [2]. It solves some of the issues of configuration, and sharing
of PKCS#11 modules between multiple consumers in the same process.

> I've already started some coding and developed PKCS11-LOGGER - library
> that just logs all function calls and forwards them to other PKCS#11
> library. One can say it's no big deal and it's just a clone of
> PKCS11-SPY but I have learned a lot about PKCS#11 interface during its
> development. 

Yes, that's a great start. Developing one of those [3] helped me
understand a lot more about pkcs11 as well. :)

> I have to say that I like the way how Microsoft integrated cryptography
> into their operating systems (with concept of CSPs, unified certificate
> dialogs etc.) and I really miss something similar on Linux desktop.

There's a lot of work being done for that in the Gcr project [4]. It
includes standard certificate viewers, and stuff like that. Not
completely "done" yet, but useful already.

> Therefore I am very happy that p11-glue project exists and tries to make
> cryptography on Linux desktop more consistent and usefull. I've joined
> this list because I believe we have same interests and maybe we could
> share some ideas or even join the development forces. 

Cool, sounds great.







More information about the p11-glue mailing list