List Info

Thread: hack_enabled
hack_enabled
country flaguser name
Austria		 2008-03-11 11:46:08 

  


  

    
Hi,

could someone explain to me the use and sense of the hack_enabled flag in the OpenSC PKCS11 sources ?

It seems to me that this per default causes only one slot to be permitted for each smart card, right ? But why is that ?

Thanks in advance,
Brandy

Express yourself instantly with MSN Messenger! MSN Messenger		
  

  
  
   
     
    

  

    Re:  hack_enabled
  


  

     user name

     2008-03-12 06:45:01
  


  

    
Ühel kenal päeval, T, 2008-03-11 kell 16:46, kirjutas
Franz Brandl:

> could someone explain to me the use and sense of the
hack_enabled flag
> in the OpenSC PKCS11 sources ?
> 
> It seems to me that this per default causes only one
slot to be
> permitted for each smart card, right ? But why is that
?

It is there to make Estonian ID cards (EstEID) play nice
with Mozilla
browsers (Firefox etc). Mozilla NSS is broken in a way that
it does not
honour certificate flags. EstEID has two certificates, one
for SSL and
the other for digital signatures only. This hack will make
the other
disappear so FF will not see it.
Unfortunately Mozilla people do not think it's worth fixing,
that's why
we need that ugly hack :(

-- 
 Antti Andreimann - Security Expert
      Using Linux since 1993
  Member of ELUG since 29.01.2000
_______________________________________________
opensc-devel mailing list
opensc-devellists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc
-devel

  


  

    
  

  
  
   
     
    






 [1-2]











   
 





about | contact  Other archives ( Real Estate discussion Medical topics )