David Stutzman wrote: >>> Actually, most of the developers who work on it are >> developing it for >>> servers. It is revenue from server sales that pay the salaries of >>> most of NSS developers (since revenues from browser sales >> are ... low :). >> >> They must be using it in pretty simple scenarios so far. The >> whole "who called >> NSS_Init first" game is really pretty fundamental... > > I think you're missing that you can have several applications that use > NSS with their own configurations running at the same time, not only one > copy of NSS initialized system-wide.
I never said anything about a single instance system-wide. I'm talking about multiple libraries within a single process that all try to use NSS. See this thread for a concrete example of the problem news://news.mozilla.org:119/[EMAIL PROTECTED] > For example, on windows xp Firefox > and Thunderbird each have their own set of db files and their own copies > of the NSS/NSPR libs and you can have both running at the same time with > totally different configurations. As another example, look at the > Fedora Directory Server and Fedora Dogtag Certificate Authority > products. They are both Sun->Netscape->Red Hat->Fedora server products. > You can have several "instances" of each product running on a single > machine each with its own set of keys/certs/crypto modules. Before NSS > 3.12, you needed to use a separate cert/keydb for each application as > the underlying database format didn't support multiple access if any one > process had it open writable, but NSS 3.12 now supports a shareable > format but it is not enabled by default which most likely explains why > you still see key3 and cert8 files. > > Dave -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
