PKCS#11 support

[Tom Doligalski]

Anyone know if Entourage 2004 is PKCS (Public Key Cryptograpy
Standard) #11 compliant? This is the standard that specifies the API
for cryptographic tokens.

- Tom

 

[Walt Basil]

Anyone know if Entourage 2004 is PKCS (Public Key Cryptograpy
Standard) #11 compliant? This is the standard that specifies the API
for cryptographic tokens.

- Tom

I'm not sure what specific standards it uses, but I am able to digitally
sign and encrypt my e-mail using a CA from Verisign.

 

[Chris Ridd]

I'm not sure what specific standards it uses, but I am able to digitally
sign and encrypt my e-mail using a CA from Verisign.

Since it seems to use the standard Apple keychains for CA certs and holding
personal keypairs, I *strongly* suspect it is using Apple's CDSA library,
aka Security.framework. (The UI when you view a cert looks remarkably
similar to the UI that Security.framework offers in this scenario, so I
**strongly** suspect this is the case

You should find out if Apple's framework uses PKCS#11. I think it does, but
if you've got specific needs you should check with Apple yourself.

Cheers,

Chris

 

[Tom Doligalski]

Let me be more clear: I know how to use S/MIME to digitally sign and
encrypt messages using certs that are located physically on the
machine. PKCS#11 extends this to allow for certs that are located on
other hardware devices (such as a smartcard). Currently Mozilla,
Thunderbird, etc. support this standard.

- Tom

 

[Chris Ridd]

Let me be more clear: I know how to use S/MIME to digitally sign and
encrypt messages using certs that are located physically on the
machine. PKCS#11 extends this to allow for certs that are located on
other hardware devices (such as a smartcard). Currently Mozilla,
Thunderbird, etc. support this standard.

- Tom

Well, you need to check what Security.framework can do.

<http://developer.apple.com/documentation/Security/Conceptual/Security_Overv
iew/Introduction/chapter_1_section_1.html>

Cheers,

Chris