Re: Looking for Certificate Database management cues...

> I think e.kabarie is concerned with attacks that would inject bogus CA > certs into the client's cert DB and mark them as trusted. > Yes! That's exactly the thing... > E.Kabarie: > > The difficulty with your problem statement is that it lacks a threat > model.  You seem to suggest that an attac

Re: WISeKey root CA certificate inclusion request

Eddy Nigg (StartCom Ltd.) wrote: > No comment has been added to the bug > https://bugzilla.mozilla.org/show_bug.cgi?id=371362 after a request for > more information was made by me. Is there a way to wake them up somehow? > Just want to make sure, that they are aware that there are some > questi

Re: PKCS#11 software token & concurrent database access

Nelson Bolyard wrote: > Joe Orton wrote, On 2008-02-07 00:46: > >> Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open >> a read-only session to a database which is opened read-write by another >> process (e.g. Firefox)? (By "safe", I mean simply that the provider >> will

Re: PKCS#11 software token & concurrent database access

Nelson Bolyard wrote: Joe Orton wrote, On 2008-02-07 00:46: Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open a read-only session to a database which is opened read-write by another process (e.g. Firefox)? (By "safe", I mean simply that the provider will not crash and

Re: Looking for Certificate Database management cues...

Nelson Bolyard wrote: Arshad Noor wrote, On 2008-02-06 06:38: The issue isn't with certificates; it is with private keys. Arshad, I think e.kabarie is concerned with attacks that would inject bogus CA certs into the client's cert DB and mark them as trusted. In the shared databas

Re: Looking for Certificate Database management cues...

D3|\||\|!$ wrote: The issue isn't with certificates; it is with private keys. I disagree with you...What if somebody deleted the private key from key3.db and its associated certificate entry in cert8.db??? Then added his own thing and went around playing with it...??? The keys in the k

Re: PKCS#11 software token & concurrent database access

Joe Orton wrote, On 2008-02-07 00:46: > Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open > a read-only session to a database which is opened read-write by another > process (e.g. Firefox)? (By "safe", I mean simply that the provider > will not crash and burn if Firefox mo

PKCS#11 software token & concurrent database access

Hi. When using the libsoftokn3.so PKCS#11 provider, is it safe to open a read-only session to a database which is opened read-write by another process (e.g. Firefox)? (By "safe", I mean simply that the provider will not crash and burn if Firefox modifies something underneath it) joe _