[webkit-gtk] Support for PKCS11 / Smartcard?
Michael Catanzaro
mcatanzaro at igalia.com
Sun Dec 2 12:05:57 PST 2018
On Sun, Dec 2, 2018 at 1:58 PM, Michael Catanzaro
<mcatanzaro at igalia.com> wrote:
> In CentOS 7.6, you are in a good spot to do this, because you have
> glib-networking 2.56, which is the first version of glib-networking
> that uses GnuTLS's default trust store
Oops, that's not true; looks like 2.58 was the first version for this.
So there is no PKCS#11 support at all (because in 2.56 and older,
glib-networking bypasses GnuTLS's trust store and loads CA's from a
certificate file) unless you use the gnutls-pkcs11 backend (again,
that's now removed, but still present in 2.56). So that means what
you're testing on CentOS 7.6 will be completely different than the
current code.
So if you check the state of PKCS#11 in glib-networking in CentOS 7.6,
you're going to want to turn around and check again in Fedora 29 as
well, due to these huge changes.
Michael
More information about the webkit-gtk
mailing list