NSS Shared DB: Difference between revisions

Line 58: Line 58:


Database extension is accomplished in 2 ways:
Database extension is accomplished in 2 ways:
# New attributes are added to the list known attributes and to already defined PKCS #11 objects. Older database objects can be detected because they will have 'invalid' values for these attributes (example, could add CKA_ONLY_FOR_URL to trust objects).
# New attributes are added to the list known attributes and to already defined PKCS #11 objects. Older database objects can be detected because they will have 'invalid' values for these attributes (example, could add CKA_TRUST_EXTENSION_OVERRIDE to trust objects to add or override existing certificate extensions).
# Add new PKCS #11 objects to hold the data (example, could add a new SSL_DATA record to store mappings to various certificates to different cipher suites and host name*)
# Add new PKCS #11 objects to hold the data (example, could add a new SSL_DATA record to store mappings to various certificates to different cipher suites and host name*)
NOTE: * I'm not suggesting this be the design for handling the SSL mapping problem, only as an example for the kind of thing that can be added to the database even after this deployment.


==== Accessing the shared Database ====
==== Accessing the shared Database ====
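Review bot: The revised item 1 names CKA_TRUST_EXTENSION_OVERRIDE without marking it as illustrative, while the SSL_DATA example in item 2 is covered by the NOTE; consider extending the NOTE so it applies to both examples. Since the new example describes an attribute that would add or override certificate extensions on trust objects, the item should also say how an older object with an 'invalid' value is handled (for example, treated as no override), because the line only states that such objects can be detected. The wording "added to the list known attributes", carried over from the previous revision, is missing "of".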