David's final email in current exchange forwarded with his permission.
Tim.
---------- Forwarded message ----------
From: "Woodhouse, David" <david.woodhouse@intel.com>
Date: 12 May 2015 17:42
Subject: Re: [pkcs11-comment] PKCS#11 Usage Guide vs. POSIX issue
To: "tjh@cryptsoft.com" <tjh@cryptsoft.com>
Cc:
On Tue, 2015-05-12 at 08:11 +1000, Tim Hudson wrote:
>
> But I did want to get it clear that this isn't a specification issue as
> such - it is more implementation - and perhaps the text in the
> non-normative usage guide could do with addressing to help reduce this
> area of concern.
Agreed.
Although now you mention it, perhaps the normative specification
*should* explicitly mention that C_Initialize() may be called in a
child¹ after fork() and should function correctly without disrupting
the operation of the same module in the parent process.
That requirement was always *implicit* because of the recommendation
in the usage guide. But if the recommendation is removed, no hint to
implementers will remain. And yet there will obviously still be
software which implements the (old?) recommendation.
--
David Woodhouse Open Source Technology Centre
David.Woodhouse@intel.com Intel Corporation
¹ of a non-threaded process :)