[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] Re: Proposal: New CKA_DESTROYABLE attribute
On 13/06/2013 5:23 AM, Stef Walter wrote: > On 12.06.2013 21:22, Tim Hudson wrote: >>> I wonder if we should use the same code in both places, that is: >>> >>> #define CKA_NOT_PERMITTED 0x0000001A >>> #define CKA_COPY_PROHIBITED CKR_NOT_PERMITTED >> Absolutely definitely not something I would suggest makes sense. >> If we see the need to have a separate name for an error code then it SHALL be a separate value. >> Aliases for error codes is not a sensible path IMHO. > This is deprecating the CKA_COPY_PROHIBITED because it was part of > PKCS#11 v2.30. There's no need for separate error codes. That isn't "deprecation" ... any existing example should continue to work - we should not be reusing codes (the space for codes is not something where we are under sufficient resource constraints that we need to carefully monitor each addition). That applies to all the use of codes (attribute numbers, mechanism numbers, error codes, flags, etc). Tim.