On 03/16/2010 03:48 AM, Jean-Marc Desperrier wrote: > Robert Relyea wrote: >>> The crypto object offers a logout method that does it. >>> > >>> http://mxr.mozilla.org/security/source/security/manager/ssl/src/nsCrypto.cpp#2875 >>> >>> > >> This will get Anders what he needs right now. (side effect, everything >> is logged out). > > Robert, I see now that I somehow missed yesterday this code calls > SSL_ClearSessionCache in addition to PK11_LogoutAll. > > ClearSessionCache without the LogoutAll side effect would be simple > too implement and quite useful, if the function that clear all the > state associated to the current windows isn't implemented. I agree. It would be good to clear the cache without logging out of all your tokens. > > That function could have a flag to either reset only the frame that > executes the script, or go downward to recursively reset all objects > loaded by that frame. This would be useful (and probably sufficient) as well. It is a bit of a hammer to clear all the cache entries. Right now mozilla has the ability to execute java script bases on insertion an removal of smart cards. It would be helpful for servers using that script if they could invalidate their own cache on the client side.
bob
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
