[xmlsec] Re: get PKCS11 slot
Andrew Fan
Andrew.Fan at sun.com
Wed Jun 18 23:43:31 PDT 2003
Aleksey Sanin wrote:
> Andrew,
>
> Will you please describe a use case scenario which you are
> trying to solve here? Why GetBestSlot from NSS does not work
> for you?
As we know, a PKCS#11 system has one or more slots. application can
connect to token in any or all of those slots. The use case scenario like:
1. a high level application get a key object( symmetric or asymmetric
key handler ) from a slot;
2. the application try to set the key into a xml encryption/signature
context; ( because the key handler is based on the slot which creates
it, it can not work with other slot in the system. )
3. the application call signature or encryption functions.( because the
internal key data only can identify the slot created by GetBestSlot, it
is possible that the action suffers a defeat. )
I think, in PKCS11 environment, if the keys are not created internally
in xmlSec, the problem will arise.
Thanks,
Andrew
>
> Aleksey
>
More information about the xmlsec
mailing list