Added sketch for PKCS #11 usage.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-05-26 16:59:12 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-06-03 19:54:55 +0200
commit: 95953b193541a0083a7e55965c5e0b2c6c8d9c4e (patch)
tree: d408b4e831db034e99ad0e7e0258610968147f41 /doc/cha-cert-auth.texi
parent: d8622cfc7028b9a24bf0b992473d268e18831537 (diff)
download: gnutls-95953b193541a0083a7e55965c5e0b2c6c8d9c4e.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi
index 9843a2c601..61de5e6a38 100644
--- a/doc/cha-cert-auth.texi
+++ b/doc/cha-cert-auth.texi
@@ -335,6 +335,11 @@ certificates and public/private key pairs can be used with @acronym{GnuTLS}. It'
 main advantage is that it allows operations on private key objects such as decryption
 and signing without accessing the key itself.
 
+Moreover it can be used to allow all applications in the same operating system to access
+shared cryptographic keys and certificates in a uniform way, as in the following picture.
+
+@image{pkcs11-vision}
+
 @subsection Initialization
 To allow all the  @acronym{GnuTLS} applications to access @acronym{PKCS #11} tokens
 it is adviceable to use @code{/etc/gnutls/pkcs11.conf}. This file has the following
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-05-26 16:59:12 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-06-03 19:54:55 +0200
commit	95953b193541a0083a7e55965c5e0b2c6c8d9c4e (patch)
tree	d408b4e831db034e99ad0e7e0258610968147f41 /doc/cha-cert-auth.texi
parent	d8622cfc7028b9a24bf0b992473d268e18831537 (diff)
download	gnutls-95953b193541a0083a7e55965c5e0b2c6c8d9c4e.tar.gz