On Wed, 2010-11-10 at 13:03 -0600, Douglas E. Engert wrote:
>
> On 11/10/2010 11:37 AM, Andre Zepezauer wrote:
> > Hello Douglas,
> >
> > you should check if NSS does support ECDSA. If it does, then it should
> > verify the users certificate on its own. Calling a PKCS#11 provider for
> > doing it,
On 11/10/2010 09:37 AM, Andre Zepezauer wrote:
> Hello Douglas,
>
> you should check if NSS does support ECDSA. If it does, then it should
> verify the users certificate on its own. Calling a PKCS#11 provider for
> doing it, is some kind of abuse. (See quotation below)
I varies with builds. Most Li
On 11/10/2010 11:37 AM, Andre Zepezauer wrote:
> Hello Douglas,
>
> you should check if NSS does support ECDSA. If it does, then it should
> verify the users certificate on its own. Calling a PKCS#11 provider for
> doing it, is some kind of abuse. (See quotation below)
I agree, but that is not w
Hello Douglas,
you should check if NSS does support ECDSA. If it does, then it should
verify the users certificate on its own. Calling a PKCS#11 provider for
doing it, is some kind of abuse. (See quotation below)
But if NSS tries to offload the verification to OpenSC, because it
doesn't has suppo
Does OpenSC PKCS#11 support the creation of session objects?
Has anyone looked at doing this?
I bring this up as I am testing EC mods to OpenSC using
Thunderbird to sign e-mail as a test. In my case, the user certificate
is using ECDSA with a named curve, and the test CA is also using
ECDSA to si
