[gnutls-help] Multi-tenancy and PKCS #11
Rick van Rein
rick at openfortress.nl
Tue Jul 18 15:22:28 CEST 2017
As you know, I am building a TLS Pool which separates applications from
TLS security. I have requests to make this into a multi-tenant process,
so it could run on a client machine and service each client without
This is a nettly request, but most things are now starting to resolve.
One thing that may be blocking it, is the fact that GnuTLS has a global
setup for PKCS #11, including the available tokens and their PINs. Is
that correct, or is there a way to get around this?
I do realise that GnuTLS is a library, and was not design with a
multi-tenant mindset. So if this is the stopper of the multi-tenancy
show than that does not indicate to me that GnuTLS is bad :) just that a
multi-tenant TLS Pool would be stretching it too far.
More information about the Gnutls-help