From 95953b193541a0083a7e55965c5e0b2c6c8d9c4e Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed, 26 May 2010 16:59:12 +0200
Subject: Added sketch for PKCS #11 usage.

---
 doc/cha-cert-auth.texi |   5 +++++
 doc/pkcs11-vision.dia  | Bin 0 -> 2343 bytes
 doc/pkcs11-vision.png  | Bin 0 -> 22488 bytes
 3 files changed, 5 insertions(+)
 create mode 100644 doc/pkcs11-vision.dia
 create mode 100644 doc/pkcs11-vision.png

(limited to 'doc')

diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi
index 9843a2c601..61de5e6a38 100644
--- a/doc/cha-cert-auth.texi
+++ b/doc/cha-cert-auth.texi
@@ -335,6 +335,11 @@ certificates and public/private key pairs can be used with @acronym{GnuTLS}. It'
 main advantage is that it allows operations on private key objects such as decryption
 and signing without accessing the key itself.
 
+Moreover it can be used to allow all applications in the same operating system to access
+shared cryptographic keys and certificates in a uniform way, as in the following picture.
+
+@image{pkcs11-vision}
+
 @subsection Initialization
 To allow all the  @acronym{GnuTLS} applications to access @acronym{PKCS #11} tokens
 it is adviceable to use @code{/etc/gnutls/pkcs11.conf}. This file has the following
diff --git a/doc/pkcs11-vision.dia b/doc/pkcs11-vision.dia
new file mode 100644
index 0000000000..c2c72608bc
Binary files /dev/null and b/doc/pkcs11-vision.dia differ
diff --git a/doc/pkcs11-vision.png b/doc/pkcs11-vision.png
new file mode 100644
index 0000000000..15c14f4e39
Binary files /dev/null and b/doc/pkcs11-vision.png differ
-- 
cgit v1.2.1