relyea or other contributors to https://developer.mozilla.org/en-US/docs/PKCS11_FAQ :
Can you please give some references to the "other products [which] have managed to get it to work in their environment"? Thanks. -Kyle H On Wed, Sep 11, 2013 at 6:10 PM, Kyle Hamilton <aerow...@gmail.com> wrote: > Is the PKCS #11 module supplied with NSS accessible through a shared > library? > > Yes, the token is call softokn3 (softokn3.dll on windows, libsoftokn3.so > on most unix platforms). The NSS softokn3 is not a complete PKCS #11 > module, it was implemented only to support NSS, though other products have > managed to get it to work in their environment. There are a number of bugs > against softoken's non-compliance, but these bugs have lower priority than > fixing NSS's non-complient uses of PKCS #11 or adding new features to NSS. > > > On Tue, Sep 10, 2013 at 9:24 PM, Elio Maldonado Batiz < > elio.maldonado.ba...@gmail.com> wrote: > >> Hi Kyle, >> >> nss3.dll is a not PKCS #11 module as it has no crypto, softokn3.ddl (.so) >> and freebl3.sll (.so) do. softoken is nss's own internal PKCS #11 >> cryptographic module which nss loads just like any other pkcs #11 module, >> software or hardware based. >> >> Good starter documents are >> https://developer.mozilla.org/en-US/docs/NSS_reference and >> https://developer.mozilla.org/en-US/docs/NSS#Background_Information >> and https://developer.mozilla.org/en-US/docs/NSS/NSS_API_GUIDELINES has a >> layering diagram >> >> -Elio >> >> >> On Sat, Aug 24, 2013 at 6:02 PM, Kyle Hamilton <aerow...@gmail.com> >> wrote: >> >> > Hi, >> > >> > I'm finding myself in a situation where I need to use the certificates >> and >> > keys stored in my standard NSS profile in other applications. >> > >> > My initial, naïve idea was that NSS itself is a PKCS#11 module. >> > Unfortunately, this appears to be not the case. When trying to find the >> > right DLL to load into IBM Notes I found that nssckbi.dll is recognized >> as >> > a valid PKCS#11 module, but nss3.dll is not. (Neither are nssdbm3 or >> > nssutil.) >> > >> > Is there any plan to export the NSS softoken functionality as an actual >> > full PKCS#11 token? Or is it intended never to actually operate as >> such? >> > >> > -Kyle H >> > -- >> > dev-tech-crypto mailing list >> > dev-tech-crypto@lists.mozilla.org >> > https://lists.mozilla.org/listinfo/dev-tech-crypto >> -- >> dev-tech-crypto mailing list >> dev-tech-crypto@lists.mozilla.org >> https://lists.mozilla.org/listinfo/dev-tech-crypto >> > > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
