On 2012-04-02 21:07, Robert Relyea wrote: > On 03/27/2012 01:00 AM, helpcrypto helpcrypto wrote: >> Cough, cough...exit(CKR_OK) != return CKR_OK...cough, cough >> Now cert8 is modified always (with or without our module). >> >> Anyway, can someone tell me why cert8 is rewrited on each run/close? > Because that's how the old berkeley DB works. It's weirdness like this > that caused us to implement the new sql-lite db. It just hasn't been > integrated into mozilla yet.
I think that NSS is in need of a major upgrade: http://nelenkov.blogspot.se/2011/11/ics-credential-storage-implementation.html PC-based *NIX will soon be the only system lacking a *unified* keystore scheme based on a system service. Anders > > bob >> >> On Tue, Mar 27, 2012 at 9:18 AM, helpcrypto helpcrypto >> <helpcry...@gmail.com> wrote: >>> Hi all. >>> >>> Due some problems using Thunderbird ESR, we have found the following, >>> and would like to ask the experts... >>> >>> We have noticed Thunderbird 10.3 (probably older versions too) >>> "rewrites" cert8.db each time it closes. The file its the same, but >>> the modified date has changed. >>> - Is this normal? >>> - There is a technical/security reason? >>> >>> More test have shown cert8.db is not modified/rewrited after adding >>> our PKCS#11 module in secmod.db. (!) >>> Our PKCS#11 is working OK for a long time without any problems, but >>> there must be something wrong in here to prevent the "default >>> behaviour", right? >>> Why is this happening? >>> >>> Going to test on a debug environment to get some traces. > > > > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
