Jay Potter wrote: > Can a PKCS#11 module be proprietary? I would not want to publicize the > intricacies of the USB device, but rather provide a mechanism where > others could utilize its capabilities within their own projects.
Yes, the whole point of PKCS#11 is to allow makers of proprietary crypto stuff to offer a standard interface to their stuff. PKCS#11 exists to hide the proprietary stuff under a standard API (the PKCS#11 API). Most vendors of crypto hardware offer a PKCS#11 module for for their hardware. The module innards are proprietary. The interface is standard. NSS-based applications (such as mozilla family clients and server products from various companies) already work rather readily with PKCS#11 modules (for public and private key operations and cert storage, mostly). /Nelson _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
