On Fri, Nov 8, 2013 at 12:16 AM, David Woodhouse <dwmw2 at infradead.org> wrote: >> Indeed, that's a nice feature and not too difficult to be implemented >> as PKCS #11 allows searching stored certificates using a DN. It is on >> my todo-list for quite some time but never found the time for that. >> Patches are (of course) more than welcome! > Ick, please not by name! It should be done by key ID. Actually I see there is CKA_ID and CKA_ISSUER, so one could use the first and the second as fallback. regards, Nikos
