On Monday, April 4, 2016, David Woodhouse <dw...@infradead.org> wrote:
> > I didn't call you a liar. I simply said that I can't see how the > statement you made could be anything but false. There are plenty of > reasons that could be the case — including my own ignorance — which > don't involve you telling a deliberate untruth. Then you can realize there are dozens of ways to state that in a more productive, less combative tone. Although you seem to believe the ends justified the means. > > Chrome has logic to preparse the nickname, which NSS does have an > > internal format for, because it can affect how we present and how we > > search. In some APIs, you need to prefix the nickname with the token > > name, while simultaneously, for our UI needs, we need to filter out > > the token name before showing it to the user. > > None of which is proposed to change. This is, of course, demonstrably false. One can no longer filter the inputs to this API if your change is accepted, because the format will have changed. For example, colon no longer becomes the separator between the token and the nickname. This is basic, so I'm not sure why you're suggesting it doesn't change. > > No. As repeatedly stated, we were *only* talking about allowing > functions like PK11_FindCertsFromNickname() to accept a RFC7512 > identifier (PKCS#11 URI) in *addition* to the existing NSS nickname > form. There is *no* way that such a change could possibly have the > effect you describe. See above. I just described to you how it can and would happen. > > Separately, we would also want to add new functions to obtain the > RFC7512 identifier for a given object. But obviously those *couldn't* > overload the existing functions to get nicknames; that would be silly. And yet it would do exactly that, when indirected through a persistence layer, which is part of the justification for this change. If the "get the nickname from this config" returns a URI, which was explicitly part of the justification for his change, then it very much is a change of a "get the nickname" function. > > <further hyperbole elided> Seriously? You're being extremely unhelpful David. Do you really think this positively contributes? You're actively trying to needle, which is entirely unhelpful to your goal. > > Regardless of tone, please try to pay attention to the actual issues, > and make sure that you're not arguing against a straw man. Please take your own advice into consideration before replying. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
