
Unifying access to PKCS#11 tokens

Formal Metadata

Title
Unifying access to PKCS#11 tokens
Alternative Title
security 1600 pkcs11
Series Title
Number of Parts
64
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and make publicly available the work or content, in unchanged or adapted form, for any legal purpose, as long as you credit the author/rights holder in the manner specified by them.
Identifiers
Publisher
Year of Publication
Language

Content Metadata

Subject Area
Genre
Abstract
Cryptographic services in modern operating systems today are being accessed by applications by using libraries, either high level ones that hide all details, or low level ones that force the user to deal with an amount of (un)interesting details of each cryptographic algorithm. Applications in the GNU/Linux and *BSD operating systems usually share the same libraries for cryptographic operations and protocols. Those can be one of Botan, OpenSSL, NSS, GnuTLS and maybe some more. This is quite a variety of choices which we believe is because of the different programming style that each library enforces, the different algorithms it provides and the ease of usage, which are subjective issues that depend on the eye of the beholder. However, this diversity of cryptographic libraries has some disadvantages. For operations such as signing/encryption involving PKCS #11 hardware tokens, or software modules, objects need to be referenced. Currently there is no uniform way of referencing those objects and each of the libraries has its own conventions or delegates the burden of referencing objects to the application. This in effect makes sharing of those object references between different applications impossible and users are required to learn each application's unique interface. Moreover, the fact that usually there is more than one PKCS #11 provider in a system, but no way to globally enable them for all cryptographic applications, leaves the burden of setup to users.