On 1/1/09, Martin Paljak <[email protected]> wrote: > > %%%%%%%%%% Here you can see that two applications may sign, even one > > application may delete the key at the same time the other application > > sign using it... How can it be if both applications cannot > > authenticate at the same time? > > > > I'm not justifying the current implementation nor want to say that multiple > applications should not be supported, I just don't see in the v2.20 or 2.11 > spec where it specifically forbids for an implementation from locking > another application or thread from a shared resource if the implementation > decides it wants to by blocking cryptoki calls until the resource is > available again.
I will ignore the mutex same you gave, as mutexes are for locking memory regions and not operations.... But I guess you already know that, and try to tweak the standard. It is just as you try to conclude application level locking from lowlevel PC/SC locking. if you actually read the last paragraph, and did not understand that two authenticated application MUST be allowed to access the token at the same time I give up. I comfort in the fact that every other implementation did understand the spec correctly. Alon. _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
