439
edits
NSS Library Init: Difference between revisions
Jump to navigation
Jump to search
→FAQ
(→FAQ) |
|||
| Line 125: | Line 125: | ||
#*#If the PKCS #11 module supports the NSS 'add new slot' protocol, then NSS will add a new slow with the new configuration. | #*#If the PKCS #11 module supports the NSS 'add new slot' protocol, then NSS will add a new slow with the new configuration. | ||
#*#For most modules we will move on. The requested module is already initialized and loaded in the trust domain, there is no further work needed to use it. | #*#For most modules we will move on. The requested module is already initialized and loaded in the trust domain, there is no further work needed to use it. | ||
#FIPS | #What happens if different users initialize NSS with differing views of FIPS? | ||
#*FIPS is really a attribute of the slot. NSS can have different slots open in different 'FIPS' states. This is rare today, it only happens when NSS switches from FIPS to non-FIPS. During the switch the old slots stay around until all their outstanding references go way. | |||
#*The 'overall' reflection of FIPS would be controlled by the 'application' (the first caller of NSS_Init). In practice, however, you are not really in FIPS mode unless all your slots are in FIPS mode. | |||