I've read somewhere (don't remembere where, sorry) that someone was arguing about the use of 'best-slot'. But in real application, supported by a graphical interface or by a server infrastructure using HSMs (Hw security modules), the application has these infos from othe sources (the end-user or some application configs), so I believe that the XmlSec should perform what previously selected by the application, not doing some sort of 'best-selection' whose criteria are not well defined.
Well, I don't think you are correct. NSS provides "best slot" functions exactly for this purpose. User selects which operations should be performed on which slot, you configure NSS that way and everything magicaly works. As far as I know, this is how Mozilla uses NSS (you might want to ask for more details in NSS mailing list).
Aleksey
_______________________________________________ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec
