[kmf-discuss] getting info on TA certificate
Jan Pechanec
Jan.Pechanec at Sun.COM
Fri Feb 22 11:26:18 PST 2008
On Fri, 22 Feb 2008, Wyllys Ingersoll wrote:
>> In our current design, the only way that a user can add/delete/modify/create
>> a policy is thru the kmfcfg command.
>> If we make these APIs to be public, then we will allow a user to
>> add/delete/modify/create a policy by calling the APIs
>> directly.
>> Huie-Ying
>
> True - those functions are supposed only consumed by kmfcfg by design.
>
> Jan - do you think we *need* to expose and document all of the policy
> functions?
> My guess is no, although kmf_get_policy and kmf_set_policy are useful and
> should
> be documented if they are not already. The rest can probably remain private.
sure, the thing is that any user is allowed to
add/delete/modify/create policy anyway but of course if these are not
intended to be used by users that definitely let's not document them.
but note that they are already all public - check libkmf(3lib)...
--
Jan Pechanec
More information about the kmf-discuss
mailing list