Angelo Rosenfelder schrieb: > Hi, > > I have got a smart card here with 2 certificates on it (it's officially > distributed in switzerland for digital signatures). They both have the > same CKA_Subject, but different CKA_Label.
(...) > So there is no possibility that the requested signing cert is ever > returned, and so I am not able to sign mails with my signing cert. I finally filed a bug (#403910) about this problem (I don't think it really has something to do with non-rep / DigSig, this problem also could occur with 2 DigSig certs), since it is a quite important issue for us here in switzerland. Here in switzerland, such tokens are sold by the swiss post, but at the moment, those tokens cannot be used with Mozilla Thunderbird (basically all NSS products). I'm charged by the swiss post to help you to fix this, since they would like to be able to recommend Mozilla Thunderbird too. When I use other e-mail clients (such as MS Outlook for example) I can use the token (which is a completely legal and correct initialized token) as I want. How fast do you think this problem can be fixed? My solution proposed in the mentioned bugreport seems to be correct, but needs verification, and it is just a small fix. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
