[kmf-discuss] getting info on TA certificate
Jan Pechanec
Jan.Pechanec at Sun.COM
Mon Feb 11 09:31:29 PST 2008
On Mon, 11 Feb 2008, Wyllys Ingersoll wrote:
>> I think that normally an application doesn't need to know what is in
>> the policy database. I can see now only one reason why I need to know that -
>> to find out whether I can accept certificates with RSA or DSS signatures. So
>> I was wondering whether I can get such info without parsing the policy file
>> myself.
>>
>> cheers, Jan.
>
>I don't think you should have to parse the policy file yourself. When
I agree wholeheartedly :-)
>ta_name = handle->policy->ta_name;
>
>However, the KMF_HANDLE is intentionally opaque, so it looks like maybe
yes
>we should just
>add a couple of functions to return the values to you.
>
>kmf_get_policy_ta(KMF_HANDLE_T, char **taname, char **taserial)
>
>Would that help?
definitely. What about to have just one function and use attributes
as input? That could be extendable without specifying new functions calls.
It's just an idea, getting taname (which I guess will be DN) is perfectly
OK.
thanks, Jan.
--
Jan Pechanec
More information about the kmf-discuss
mailing list