Subrata Mazumdar wrote:
Thanks Nelson. My comments are inline.Nelson Bolyard wrote:Yes, I was referring to that work of PKCS#11 module that interface to MS CAPI. Since I saw the code under .../nss/lib/ckfw directory of FF3, I thought that it is going to be supported.Subrata Mazumdar wrote, On 2008-02-28 17:18:I have two question about configuartion of PKCS#11 module in Firefox 3:- is there any documentation on how to configure MS CAPI as PKCS#11 module in Firefox 3 and certutil?MS CAPI is not a PKCS#11 module, and cannot be configured to be a PKCS#11 module. MS CAPI uses MS's own crypto API. One of the NSS developers has done some work to write a PKCS#11 module that interfaces to MS CAPI. That work is not (yet) an official part of NSS, and is not supported (we don't take bug reports on it). Perhaps the author will give us a status update on that work here in this newsgroup.
Eventually. It's on my plate, but lower priority than several other pressing issues. The current implementation works, but has memory leaks, and does not import trust from CAPI. It does support key import/export, generation, etc.
The existing PKCS #11 module does work, but it has a memory leak. You can use modutil or the Device manager to install it into your secmod.db just like any other PKCS #11 module.
If you have a need for it, and have the time/expertise to track down the memory leak, I would certainly review it for inclusion back into NSS.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
