Mozilla can use PKCS 11 modules and uses NSS. Cert enrollment, deletion, change token password, import, client auth, signing and encrypting have been tested successfully. IButton, and ActivCard Gold work for example.
Patrick wrote: >About PKCS#11 and NSS: > >My NSS app was able to read a cert off a smartcard but *failed* to use >it for SSL client authentication. I have used a couple of different >PKCS#11 libraries with NSS, and the error message I get back are: "key >not authorized for requested operation", or "unable to digitally sign >data required to verify your certificate". > >I then got hold of another version of same PKCS#11 lib (this version >came as a sample DLL in card provider's SDK, and the documentation >states: "Warning! The PKCS#11 library shipped with this distribution is >different from the one shipped with commercial product, offering support >for Netscape Communicator.". That version of the PKCS#11 lib *worked >fine* with my NSS app: the app could read *and* use the cert for SSL >client authentication. The thing I don't get is, what wouldn't the >first version not work with my NSS app? Especially if it geared to work >with Communicator, which *is* an NSS app! > >Have you experimented any with PKCS#11 modules, and their use in NSS? > > >-- P >
