[xmlsec] another nss patch
aleksey at aleksey.com
Wed Jul 23 19:11:16 PDT 2003
> As I mentioned before, I also want to create certificate store based
> on NSS certificate database handler,
> which will enable us use NSS other features, such as LDAP, OCSP, and
> various CRLs.
I believe this is how it is implemented right now, isn't it? Tej?
> And another is I want to create symmetric keys with crypto devices
> mechanism instead from a random generator,
> although it work well.
Good! I like this idea!
> And I also want to provide a more common key manager based on slot and
> certificate database.
Not sure what do you mean by this but it sounds good to me.
> If you accept my ideas, I think some interfaces will be added, and
> some interfaces will be modified.
Well, I have no problems with adding something. But I want to keep API
stable and I am not sure
that I ready for xmlsec 2.0 yet :) It would be great if you can take a
look at current APIs and suggest
changes before will merge new xmlsec-nss code to the trunk.
> I'll try my best to finish the work as soon as possible. Because I
> must talk every details with you all,
> I'am not sure how long
Andrew, I have no objections of adding new features, new code, etc. The
only thing I want is to understand
what exactly each line of code in xmlsec is doing why it is written this
way and not another. The reason is simple:
I prefer to have as less bug reports as possible :)
More information about the xmlsec