[gnutls-devel] [Andy Lutomirski] Re: [TLS] multiple clients in one process

Stef Walter stef at thewalter.net
Wed Nov 27 15:23:43 CET 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 27.11.2013 15:21, Daniel Kahn Gillmor wrote:
> On 11/27/2013 09:12 AM, Stef Walter wrote:
>> p11-kit solves the concurrency issue, with multiple callers of
>> gnutls in the same process. Although it's still possible for
>> someone to use a fragile PKCS#11 module directly with gnutls,
>> that's not the default behavior.
>> 
>> Secondly, I'm working actively in the PKCS#11 OASIS TC (even
>> though such work can be tedious), to solve the inate PKCS#11
>> issues with multiple callers in a process. Progress has been
>> made, and it's looking likely that we'll have fixed this in a
>> future version of the PKCS#11 standard itself.
>> 
>> But until then: p11-kit does aim to fix this exact case. If there
>> is a specific issue, or corner case that we've missed, I would
>> love to hear details.
> 
> thanks for this, Stef.  Do you want me to relay this sentiment to
> the TLS WG so that the implementation and goals are clear to people
> who look at that archive?

Sure, that would be great.

Thanks,

Stef

- -- 

stef at thewalter.net
http://stef.thewalter.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlKWAG4ACgkQe/sRCNknZa+z9wCg5++bipHJhNJVBRJVc1w8dj9t
8cAAnR1Dl/J6c1CC8aQ5xDbXvInn+Ys1
=S1Zv
-----END PGP SIGNATURE-----



More information about the Gnutls-devel mailing list