OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Fwd: Re: [pkcs11-comment] PKCS#11 Usage Guide vs. POSIX issue


FYI - David's response ...

Tim.

-------- Original Message --------
Subject: 	Re: [pkcs11-comment] PKCS#11 Usage Guide vs. POSIX issue
Date: 	Mon, 11 May 2015 21:03:51 +0000
From: 	Woodhouse, David <david.woodhouse@intel.com>
To: 	tjh@cryptsoft.com <tjh@cryptsoft.com>
CC: 	pkcs11@lists.oasis-open.org <pkcs11@lists.oasis-open.org>



On Tue, 2015-05-12 at 06:50 +1000, Tim Hudson wrote:
> David, it appears to my reading of your email at least - that all of 
> the issues you are raising are related to implementation issues with
> specific vendors and/or some vendors use of pthread_atfork ... and 
> not with the specification itself.

Yes, in a sense that's true.

But it seems like using pthread_atfork() is one of the only obvious
ways to implement the "good Cryptoki programming practice" of calling
C_Initialize() whenever the application forks.

We don't spell it out, but we are *leading* the developer to use
pthread_atfork(). I'm not quite sure how else one would implement the
recommendation and expect it to cover fork() from arbitrary library
routines, etc.

Given that the obvious implementation of what we recommend is a clear
violation of the POSIX specification when we do it from a multi
-threaded process, surely it warrants at least a *caveat* that perhaps
the reader might want to bear the POSIX requirements in mind?

Sure, we are *only* leading them to the cliff, and we didn't make them
jump. But maybe we could point it out to them?

-- 
David Woodhouse                            Open Source Technology Centre
David.Woodhouse@intel.com                              Intel Corporation





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]