On Tue Aug 23 13:36:32 2016, mat@FreeBSD.org wrote:
> | (1) IMHO it is not a good idea to provide native PKCS#11 support
> | in the standard package...
>
> The native PKCS#11 support is provided as an option, and is not enabled by
> default, so it is not a problem, it is there so that people who need it can
> use it.

=> it will never work: PKCS#11 needs some parameters at configure
time so is not a proper candidate for packaging. And the last
improvements make this even worse (they introduce a dependency
on the name of the PKCS#11 provider, i.e., the library from the HSM
vendor which implements the PKCS#11 API).

> | (2) I'll download the Fedora 23 sources to see if the patch solves
> | a real/known/already-fixed issue.
> 
> Thanks, please let me know :-)

=> see my previous answer.

> | Note we merged a patch making the native PKCS#11 support more
> | flexible into 9.10 and 9.11 last week so if you find something wrong
> | please check against last versions.
> 
> I'll have a look.

=> read the new lib/isc/include/pk11/README.site to understand
what the native PKCS#11 support implies...