On Tue, 2014-12-09 at 14:18 +0000, Martinsson Patrik wrote:
> 
> > It's cute that GNOME keyring can provide PKCS#11 functionality and you
> > can store certificates and keys in there. But you aren't *using* that
> > functionality. So just unregister the module entirely by deleting its
> > file from /usr/share/p11-kit/modules/. Then you don't have to worry
> > about its behaviour, or the apps which don't support the protected
> > authentication path. Life's too short :)
> 
> Haha, ok. I get that part. What I don't get is, "why is it there, and 
> when is, and who is suppose to use it" Shouldn't it be removed ? 

FWIW this isn't even working correctly in Firefox. It *sometimes*
handles CKF_PROTECTED_AUTHENTICATION_PATH correctly, but other times it
just starts a new session, doesn't bother to log in, gets
CKR_USER_NOT_LOGGED_IN from C_SignInit() and fails.

I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1110233

-- 
dwmw2

Attachment: smime.p7s
Description: S/MIME cryptographic signature

-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to