Title   : PKCS #11
Author  : Chris Osgood <oznet@mac.com>
Version : 1.0.0
LICENSE : See file LICENSE
Document: none
Requires: C compiler (gcc)
          GNU tools (gmake, ld, ar, gcc ...)

Tested Platforms:
    Mozilla 1.0 RC2 on Sparc Solaris 2.8
    Mozilla 1.0 RC3 on Linux 2.4 (Debian)
    Mozilla 1.1a on Linux 2.4 (Debian)
    Netscape 4.x on Sparc Solaris 2.8
    Netscape 4.x on Linux 2.4 (Debian)

The recommended browser is Mozilla 1.1a or newer on all platforms.  It
be noted that Netscape recommends using an external application to
personalize the card rather than the initialization functions within
Netscape/Mozilla.

It is possible to customize some of the P11 module's behaviour via a
configuration file.

The module looks for $HOME/.pkcs11rc or in the registry under xxx on Win32.

An example configuration file provided as "pkcs11rc.example".

The options are as follows (all are optional):

Option: DebugLevel
Values: HIGH, MED, or LOW (default HIGH)
  Desc: This sets the logging level of the module.  HIGH only logs high
        priority messages and provides very little information.  LOW
        provides maximum logging.

Option: LogFilename
Values: Full path to file (default "PKCS11.log" in current directory)
  Desc: This sets the log filename

Option: MultiApp
Values: True or False
  Desc: Multiple application support.  If True then this makes the module
        cache less and query the card more often.

Option: Threaded
Values: True or False (default False)
  Desc: If True this options tells the module to try and use threads.  Threads
        will still be disabled if the application does not support them
        (both Netscape and Mozilla do not offer full thread support).

Option: SlotStatusThreadScheme 
Values: Full or Partial (default Partial)
  Desc: Partial threading uses a thread to detect when the card is changed but
        may not update the card information until another P11 function
        is called.  Full threading will automatically update all the
        card information any time a new card is put into the system,
        this happens independantly of the rest of the module.

Option: ObjectSortOrder
Values: NewestFirst or NewestLast (default NewestFirst)
  Desc: Changes the order in which objects are found on the card.  May effect
        certain applications like Netscape dealing with certificates.

Option: CachePIN
Values: True or False (default False)
  Desc: If True this caches the PIN until the card is pulled.  This is not fully
        implemented and may not work, use at your own risk.

Option: Version
Values: Major.Minor (default 2.11)
  Desc: This changes the version number reported by the module.  Some
        applications require a specific version number even though they
        will work fine with this module.

Option: MaxPinTries
Values: Number (default 8)
  Desc: Sets the maximum number of PIN attempts allowed (used when personalizing
        the card).

Option: SOUserPinNum
Values: Number (default 0)
  Desc: PIN number to use for the SO user

Option: UserPinNum
Values: Number (default 1)
  Desc: PIN number to use for the normal user

Option: CertAttribSize
Values: Number (default 512)
  Desc: Size of object to create that holds certificate attributes

Option: PubKeyAttribSize
Values: Number (default 512)
  Desc: Size of object to create that holds public key attributes

Option: PrvKeyAttribSize
Values: Number (default 512)
  Desc: Size of object to create that holds private key attributes

Option: DataAttribSize
Values: Number (default 512)
  Desc: Size of object to create that holds data object attributes

Option: DisableSecurity
Values: True or False (default False)
  Desc: Disables security for on-card objects.  If True then all permissions
        for objects on the card will be set to MSC_AUT_ALL

