> > > Mark Hobbs wrote: > > >> Thanks for this Bob, unfortunately the behaviour still remains > > >> unchanged, as > > >> soon as I go to the login page of my Yahoo account I get a > > smartcard PIN > > >> request screen, which is strange as the Yahoo login is not even SSL. > > >> > > >> I am not convinces the behaviour was the same with FireFox 1.07 > > >> so I'll try > > >> to pop that back on another machine and see. > > >> > > > > > > Right, I have tried exactly the same smartcard token using > FireFox 1.07 > > > (admittedly using Windows 98 but with the same PKCS11 driver > > for FF) but I > > > neither get the timeout (after approximately 10 minutes of > > inactivity on a > > > client authenticated SSL site) or the need to enter my > > smartcard password as > > > soon as FireFox browses to a normal SSL site (no client > authentication). > > > > > > As far as I can see things look to have changed within FireFox > > V1.5. Does > > > anyone with more detailed knowledge of FF know if this is > likely, it is > > > certainly a backwards step if true? > > > > > The only addition in FF 1.5 that is smart card related is the smart card > > monitoring thread. FF starts up a thread looking for token insertions an > > removals. There may be some bad interaction between the PKCS #11 module > > and the insertion/removal detection code. It may be a race condition in > > your PKCS #11 module. If the PKCS #11 module advertises itself as > > thread-safe, then the problem could be in FF (NSS is supposed to protect > > the token against multiple entries with locks). If the token does not > > advertise itself as thread safe, then it's like a problem in > the module). > > > > If FF 1.07 does not have the behavior, then it is not a configuration > > issue like I surmised in my previous post. > > > > bob > > > Thanks Bob. > I've forwarded this to our support contact to see what they come > back with. > It would be good to know where the fault lies so we can progress it to a > conclusion.
I've also now tested this with Mozilla 1.7.12 and this behalves correctly. What I don't know is if Mozilla 1.7.12 is more equivalent to FF1.07 or FF1.5 in respect of smartcard handling. > > > _______________________________________________ > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
