Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]

From: Nikos Mavrogiannopoulos <nmav gnutls org>
To: Stef Walter <stefw collabora co uk>, gnome-keyring-list gnome org
Subject: Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]
Date: Sun, 23 Jan 2011 16:53:03 +0100

On 01/22/2011 05:06 PM, Joe Orton wrote:

> I worry that a daemon would be needed in addition:
> a) to serialize access to (hardware) resources sensibly. In my testing 
> PKCS#11 modules tend to fail rather than block when you attempt to use 
> the hardware concurrently from different processes, and there are also 
> issues w.r.t. long-lived sessions.  There was a thread on moz-crypto 
> just recently about Firefox & PKCS#11 locking, perhaps related:
> http://thread.gmane.org/gmane.comp.mozilla.crypto/15784

A daemon solves some issues but causes others. Permissions to access
modules have to be implemented, and soft modules that save objects on
user's directory will be not straightforward to use.
Is parallel usage of a smart-card really an issue?

regards,
Nikos

References:
- gnome-keyring Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED
  - From: Stef Walter
- Re: gnome-keyring Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED
  - From: Joe Orton
- Re: gnome-keyring Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED
  - From: Stef Walter
- gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]
  - From: Stef Walter
- Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]
  - From: Joe Orton

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]