> If your module locks the DB while in R/W > mode, that would explain it. Even that is bad, but it's not as bad a > user experience when you have the friendly flag set.
NSS will access opensc driver following pkcs11.txt configuration which is the same for Chromium, Firefox and the certutil tool I'm also using for testing. > Try it with FF. No newness, every access after the start of the driver sesion by the PSM of Firefox gets locked. > If your module locks the DB while in R/W mode, that would explain it. Thats why I think it's something related to the pkcs11.txt Irune Prado :: Zylk.net ----------------------------------------- ----- Mensaje original ----- De: "Nelson B Bolyard" <nel...@bolyard.me> Para: "mozilla's crypto code discussion list" <dev-tech-crypto@lists.mozilla.org> Enviados: Jueves, 13 de Enero 2011 13:16:07 Asunto: Re: Firefox PSM locks NSS On 2011-01-13 03:58 PDT, Irune Prado Alberdi wrote: > I've tried the same test with Chromium and it worked correctly as > Wan-Teh said. The database does not get locked. [snip] > I had to activate the FRIENDLY flag in order Chrome to correctly obtain > the smartcard's certificate. I'm new to Chrome so maybe there's another > way to do this. Firefox doesn't require it and asks for the PIN. That's a big clue, I think. The friendly flag tells NSS that the module supports a "read only" mode wherein it is not necessary to login to read the certificates and other "public objects" on the device. Without that, NSS assumes that the device only supports read/write mode, and login is necessary to go any access. If your module locks the DB while in R/W mode, that would explain it. Even that is bad, but it's not as bad a user experience when you have the friendly flag set. Try it with FF. -- /Nelson Bolyard -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
