Chris wrote: > If you're going to personalize the token via a P11 module then the SO > PIN must be submitted before creating the user PIN. From PKCS #11 v2.11: > > "C_InitPIN can only be called in the R/W SO Functions state. An > attempt to call it from a session in any other state fails with error > CKR_USER_NOT_LOGGED_IN." > > Mozilla seems to understand that it needs to send the SO PIN, it just > doesn't ask the user for it. I seem to remember an older version of > Mozilla behaving correctly, but maybe not. I thought it would pop up a > "Master PIN" dialog beforehand. Netscape 4.x works that way.
I remember putting the code in Comm 4.x, but I was unaware that anyone actually got to code to work (no tokens I knew of supported Initialization in this manner, they almost all required additional information at init time, so could only be initialzied by their own programs). In this case I suspect a bug against PSM may be in order. bob > > -- > // Chris > > > Ian McGreer wrote: > >> Unfortunately, no. NSS always assumes a null SO PIN. >> >> This may be worthy of an RFE. I wonder how many cards are using the SO? >> >> -Ian >> > >
