Thanks Nelson for that detailed answer. I am wondering that this
issue has been untouched for the last years. Maybe in the past
security devices using external pinpads or biometric authentication
were not that popular.
Right. They're still not very common, AFAIK, at least in the USA.
> But as you said, its more an client app problem
using NSS and not providing a proper callback for that scenario.
Nelson B wrote: > The solution is to get mozilla's password callback function,
PK11PasswordPrompt, (see http://lxr.mozilla.org/mozilla/source/security/manager/ssl/src/nsNSSCallbacks.cpp#120
to call PK11_ProtectedAuthenticationPath() and use its answer. Since there is no full-time staff working on PSM now (PSM is the part of the mozilla browser that interfaces to NSS), this change is not likely to happen until some volunteer constributes a patch that does it (hint, hint).
I'll take a look at it. But if i fix something i have to recompile only
the psm part of mozilla? Maybe just one psm DLL containing a new callback for ProtectedAuthPath?
I haven't built PSM myself, but I'm pretty sure that the function you would change is just in one DLL, and that you'd only have to rebuild that DLL.
Regards
Chris
Regards, -- Nelson B
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
