Wan-Teh wrote: > Yes, that was the reason for the portability layer > (which uses the pkix_pl prefix in the source code). > One of the intended customers was the IPsec code > in the kernel, so the main libpkix library did not > even depend on the Standard C Library. > > Each environment would need its portability layer > for libpkix, for example, pkix_pl_nss, pkix_pl_openssl, > pkix_pl_kernel/ipsec. Only pkix_pl_nss was implemented.
Yeah, that's what Yassir said also. He thought it was pretty funny that you're going to get rid of the HTTP certstore and non-blocking I/O. Apparently, we only put those in at the request of the NSS team! I guess requirements have a way of changing over the years... I have cc'd Yassir on this email so that you can have his latest email address. With his permission! Thanks, Steve > -----Original Message----- > From: dev-tech-crypto-bounces+shanna=funk....@lists.mozilla.org > [mailto:dev-tech-crypto-bounces+shanna=funk....@lists.mozilla.org] On > Behalf Of Wan-Teh Chang > Sent: Friday, January 13, 2012 11:01 AM > To: mozilla's crypto code discussion list > Subject: Re: libpkix maintenance plan (was Re: What exactly are the > benefits of libpkix over the old certificate path validation library?) > > On Fri, Jan 13, 2012 at 7:38 AM, Stephen Hanna <sha...@juniper.net> > wrote: > > I'm having lunch today > > with Yassir Elley, who did most of the coding > > for the first version of libpkix. He works on > > the same team as I do now, at Juniper. We'll > > mull over this question and see if we can recall > > why we included those layers of abstraction APIs. > > I suspect it was because we wanted this to be > > a PKIX-compliant library that could be used by > > any project for any purpose in any environment. > > Hi Steve, > > Yes, that was the reason for the portability layer > (which uses the pkix_pl prefix in the source code). > One of the intended customers was the IPsec code > in the kernel, so the main libpkix library did not > even depend on the Standard C Library. > > Each environment would need its portability layer > for libpkix, for example, pkix_pl_nss, pkix_pl_openssl, > pkix_pl_kernel/ipsec. Only pkix_pl_nss was implemented. > > Wan-Teh > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto