On Mon, 2016-04-04 at 16:04 -0700, Ryan Sleevi wrote: > > I've already tried to explain this several times to you. I don't feel > there's anything more useful to contribute.
Very well. From my point of view it seems that you have offered straw men, and talked about what would happen if NSS started returning PKCS#11 URIs to applications where they expect nicknames — but not once did you give a straightforward example of a *specific* *problem* which would be caused by PK11_FindCertsFromNickname() accepting a PKCS#11 URI. Even in the case of applications which *do* accept unconstrained user input, and *don't* treat it as opaque. I'm perfectly happy to entertain the notion of adding new functions for PK11_FindCertsFromURI() (et al.), but I was looking for *real* information about whether it was actually necessary. Which you don't seem to be able to provide without disappearing into handwaving and hyperbole. So I'll take that as a 'no'. Thanks anyway. -- dwmw2
smime.p7s
Description: S/MIME cryptographic signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
