Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: openCryptoki - An open-source PKCS#11 implementation https://bugzilla.redhat.com/show_bug.cgi?id=426152 ------- Additional Comments From key@xxxxxxxxxxxxxxxxxx 2007-12-19 12:35 EST ------- It wouldn't be a non-NSS mechanism, just a different provider. By default, NSS contains a software-only PKCS#11 implementation it uses internally. openCryptoki is just another implementation of the APIs NSS is using to interface to this internal implementation to store certificates and do crypto. You might want to do this for the reasons I mentioned earlier, to get hardware acceleration or take advantage of secure keys in the TPM or other hardware. This is not the only use of PKCS#11 by the way, the Java JCE interfaces to PKCS#11 as well. As far as I know, NSS doesn't ship a library exposing its PKCS#11 APIs for other software packages to take advantage of, so without openCryptoki the JCE could not be hardware accelerated. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review