On Thu, 2016-03-17 at 15:18 +0000, David Woodhouse wrote: > > > I am still strongly opposed to introducing this behaviour to the existing > > functions. The nickname functions already have significant magic attached > > to them, both in parsing from NSS APIs and in providing to NSS APIs > > (filtering or setting the token via parsing or adding to the token name, > > respectively). This would definitely break Chrome's use of the API, and > > for that, I think it should be an unacceptable change as it is not backwards > > compatible. > > Please could you explain the breakage? This should only change behaviour > if you provide a "nickname" which happens to be a valid PKCS#11 URI to the > PK11_FindCertFromNickname() function. Does Chrome do that, and depend on > the failure that it gets? Otherwise, how could anything break?
Ryan? Unless you are able to provide an explanation of how this would "break Chrome's use of the API", I shall continue to assume that your statement was false, and design accordingly. I certainly can't see how it could have any basis in reality. -- dwmw2
smime.p7s
Description: S/MIME cryptographic signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
