diff options
| -rw-r--r-- | doc/cha-cert-auth.texi | 5 | ||||
| -rw-r--r-- | doc/pkcs11-vision.dia | bin | 0 -> 2343 bytes | |||
| -rw-r--r-- | doc/pkcs11-vision.png | bin | 0 -> 22488 bytes |
3 files changed, 5 insertions, 0 deletions
diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index 9843a2c601..61de5e6a38 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -335,6 +335,11 @@ certificates and public/private key pairs can be used with @acronym{GnuTLS}. It' main advantage is that it allows operations on private key objects such as decryption and signing without accessing the key itself. +Moreover it can be used to allow all applications in the same operating system to access +shared cryptographic keys and certificates in a uniform way, as in the following picture. + +@image{pkcs11-vision} + @subsection Initialization To allow all the @acronym{GnuTLS} applications to access @acronym{PKCS #11} tokens it is adviceable to use @code{/etc/gnutls/pkcs11.conf}. This file has the following diff --git a/doc/pkcs11-vision.dia b/doc/pkcs11-vision.dia Binary files differnew file mode 100644 index 0000000000..c2c72608bc --- /dev/null +++ b/doc/pkcs11-vision.dia diff --git a/doc/pkcs11-vision.png b/doc/pkcs11-vision.png Binary files differnew file mode 100644 index 0000000000..15c14f4e39 --- /dev/null +++ b/doc/pkcs11-vision.png |
