[Andy Lutomirski] Re: [TLS] multiple clients in one process
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Nov 27 06:21:40 PST 2013
On 11/27/2013 09:12 AM, Stef Walter wrote:
> p11-kit solves the concurrency issue, with multiple callers of gnutls in
> the same process. Although it's still possible for someone to use a
> fragile PKCS#11 module directly with gnutls, that's not the default
> behavior.
>
> Secondly, I'm working actively in the PKCS#11 OASIS TC (even though such
> work can be tedious), to solve the inate PKCS#11 issues with multiple
> callers in a process. Progress has been made, and it's looking likely
> that we'll have fixed this in a future version of the PKCS#11 standard
> itself.
>
> But until then: p11-kit does aim to fix this exact case. If there is a
> specific issue, or corner case that we've missed, I would love to hear
> details.
thanks for this, Stef. Do you want me to relay this sentiment to the
TLS WG so that the implementation and goals are clear to people who look
at that archive?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freedesktop.org/archives/p11-glue/attachments/20131127/eae8c8c7/attachment.pgp>
More information about the p11-glue
mailing list