Am 04.05.2010 21:10, schrieb Robert Relyea: > If the token is marked with the publically readable certs/friendly > flag, then NSS will not try to authenticate to it before looking up > certs and depend on the public key semantics to identify 'user' certs.
> If your token does not have a public key for every private key with the > matching CKA_ID, and you mark your token as friendly, your certs will > not appear to be user certs and NSS will not attempt to use them. Did you mix public and private key here? I thought NSS looks for the public key with the matching ID first and the private key is looked up later, when the user actually chose the cert belonging to it. MH -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
