[kmf-discuss] getting info on TA certificate
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Fri Feb 22 11:12:02 PST 2008
> I have 1 concern about this.
>
> Althought these policy APIS are global function from "nm", but they
> are designed to be used by the kmfcfg command and
> the KMF framework internally only.
>
> In our current design, the only way that a user can
> add/delete/modify/create a policy is thru the kmfcfg command.
> If we make these APIs to be public, then we will allow a user to
> add/delete/modify/create a policy by calling the APIs
> directly.
> Huie-Ying
True - those functions are supposed only consumed by kmfcfg by design.
Jan - do you think we *need* to expose and document all of the policy
functions?
My guess is no, although kmf_get_policy and kmf_set_policy are useful
and should
be documented if they are not already. The rest can probably remain
private.
-Wyllys
More information about the kmf-discuss
mailing list