The TLS protocol is a security cornerstone for online protocols, including those for the web, sending and receiving email, chat and many more. Unfortunately, its operational aspects do not reflect its importance. TLS Pool is a project that aims to make TLS an easier protocol to operate.
What is the TLS Pool daemon?
The TLS Pool daemon (or "background program") is a program that runs without a visible interface of its own. What it does is translate unprotected traffic into TLS-protected traffic, and vice versa.
When an application has built up a connection and decides to continue over TLS (which may be from the outset or after a so-called STARTTLS handshake with the remote node), it hands over its connection to the TLS Pool daemon and receives a protected link back in return.
Interfaces to the daemon
The TLS Pool can be contacted by User Interface elements that wish to influence the operation of the TLS Pool in some way, specifically to enter PIN codes (or passwords) for access to credentials, and optionally to select one from a number of user identities.
Finally, the TLS Pool contacts a service for proper handling of credentials, over the standardised PKCS #11 interface.