ANNOUNCE: p11-kit 0.19.2

Ludwig Nussel ludwig.nussel at
Mon Aug 19 06:05:55 PDT 2013

Stef Walter wrote:
> On 25.07.2013 20:58, Stef Walter wrote:
>> On 25.07.2013 14:35, Ludwig Nussel wrote:
>>> Stef Walter wrote:
>>>> This is an unstable development release.
>>>> Of note, is that in this release the default path for user config is
>>>> changed to fit in line with the XDG basedir spec. By default user
>>>> config is loaded from ~/.config/pkcs11
>>>> What's new in 0.19.2
>>>> --------------------
>>>>    * Add basic 'trust anchor' command to store a new anchor
>>>>    * Support for writing out trust token objects
>>>>    * Port to use CKA_PUBLIC_KEY_INFO and updated trust store spec
>>> That one (7d4941715b5afc2ef8ea18716990d28965737c70) breaks all the
>>> exporting and the workaround for the Entrust Root
>>> ( causes an error
>>> message to be printed.
>> Yes. That's right. The attributes involved in stapled certificate
>> extensions have been in flux (as stated in the file and elsewhere). I've
>> posted a new revision of the spec regarding this recently. Thus the changes.
> Attached is the new .p11-kit supplemental file. Note that the file
> format is not yet stable or public, thus the changes. The aim is to have
> the PKCS#11 attributes in the format be stable before 0.20.x

Thanks. What tool do you use to encode/decode those attributes from/to
the proper format?


  (o_   Ludwig Nussel
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)

More information about the p11-glue mailing list