Kyle In my opinion it is not advocating if you throw in your opinion when beeing asked for. I agree that NSS is definitely very far advanced in terms of what you can do with security using SW only (and yes: there are interfaces for using HW solutions transparently built in). In some of the aspects NSS seems to me as more advanced than OpenSSL.
My problem is that some of the softwares (in fact most from the volume point of view) use OpenSSL. And as I am a selfish man I primarily look after solving my own problem. Having said that: Nothing would speak about choosing the middle layer (com tier) to be used in such a way that NSS could plug in easily. It is just not my primary focus at the moment :-) (maybe it should be). Regards Martin > I don't particularly like advocating other products here, but NSS > (from Mozilla) has a (relatively) secure PKCS#11 softoken > implementation, and it can interface with other PKCS#11 middleware. > The softoken has been FIPS-validated, at certain versions. > > -Kyle H ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
