https://bugs.kde.org/show_bug.cgi?id=470751
--- Comment #3 from Juha Tuomala <t...@iki.fi> --- (In reply to Sune Vuorela from comment #1) > Some things to also be aware of: > > - The certificate will often be hardware backed (smartcard or usb dongle), > so can't really be copied around > - If it is not hardware based, do *not* copy it around. People using it for > real purposes wants to know where their keys are. A certificate consists - a public key - result of CSR (certificate signing request) which together guarantee that given public key is part of CA's system. That can be copied from smartcard and actually Windows certificate store does that. Can be done manually with pkcs15-tool as well. When using that certificate to something else than encryption, a secret key or its compatible storage is needed - like a supported HSM smartcard. HSM provides access to that secret key but not the key itself. This is enough to use that asymmetric other half, secret key.0 Certificates can and should be copied around and it's common to store them into public ldap as part of PKI - public key infrastructure for easier distribution. Unfortunately Kleopatra and KDE as whole implements more developer's twisted ideology than anything the users, normal people need. -- You are receiving this mail because: You are the assignee for the bug.
