[lsb-discuss] [Fwd: NSS public functions]
rrelyea at redhat.com
Mon Aug 11 14:41:14 PDT 2008
Howard Chu wrote:
> (resending, didn't see this get out the first time)
> The presence of CERT_GetDefaultCertDB in this list implies that there may be
> non-default DBs as well but any APIs for opening/obtaining/closing such DBs
> are conspicuously absent from this list. (Likewise for *setting* the default.)
> That seems like an important oversight...
It's a legacy function that has nothing to due with actually certificate
databases. NSS is perfectly capabable of openning several databases at
once and using them (In fact the notion of databases are really not
surfaced at the application level, NSS is perfectly cabable of treating
PEM as database.
> Since NSS is inextricably dependent on NSPR, the inclusion of NSS in the LSB
> implies that NSPR must also be in the LSB. No?
NSS is tied to NSPR in the same way as OpenSSL is tied to BIO. Those
functions map pretty much one for one (we use that fact in openSSL
compatibility libraries that we use to help port openSSL applications to
Applications do not, however, have to adopt the NSS IO model. We have
several instances of applications which have their own IO model and just
use NSPR to do SSL reads and writes.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3420 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.linux-foundation.org/pipermail/lsb-discuss/attachments/20080811/fdde899d/attachment.bin
More information about the lsb-discuss