OASIS PKCS 11 TC

Error codes for unsupported elliptic curves

  • 1.  Error codes for unsupported elliptic curves

    Posted 09-17-2013 15:05
    Hi Valerie,

    I looked into the error code returned by NSS when it receives an unsupported named curve. NSS returns CKR_DOMAIN_PARAMS_INVALID under that condition. I searched for that error code in PKCS #11 v2.20 and believe it is the right error code for an unsupported named curve.

    =====
    • CKR_DOMAIN_PARAMS_INVALID: Invalid or unsupported domain parameters were supplied to the function. Which representation methods of domain parameters are supported by a given mechanism can vary from token to token.
    =====

    =====
    If an attempt to create, generate, derive, or unwrap an EC key of an unsupported variety (or of an unsupported size of a supported variety) is made, that attempt should fail with the error code CKR_TEMPLATE_INCONSISTENT.

    If an attempt to create, generate, derive, or unwrap an EC key with invalid or of an unsupported representation of domain parameters is made, that attempt should fail with the error code CKR_DOMAIN_PARAMS_INVALID.

    If an attempt to create, generate, derive, or unwrap an EC key of an unsupported form is made, that attempt should fail with the error code CKR_TEMPLATE_INCONSISTENT.
    =====

    I think the use of CKR_TEMPLATE_INCONSISTENT can be improved though.

    Wan-Teh
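
An added example, not part of the original post and not NSS code: a minimal token-side check of a DER-encoded CKA_EC_PARAMS value that returns CKR_DOMAIN_PARAMS_INVALID for an unsupported named curve, the behaviour the post reports for NSS. The function name `check_ec_params`, the supported-curve list and the restriction to short-form DER lengths are assumptions made for the illustration.

```c
#include <stddef.h>
#include <string.h>

/* Return values as defined in PKCS #11 (pkcs11t.h). */
#define CKR_OK                    0x00000000UL
#define CKR_DOMAIN_PARAMS_INVALID 0x00000130UL

/* Constructed list: curves this hypothetical token supports (DER OID contents). */
static const struct { const char *name; unsigned char oid[8]; size_t len; } supported[] = {
    { "P-256", {0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07}, 8 },
    { "P-384", {0x2B, 0x81, 0x04, 0x00, 0x22}, 5 },
};

/* Hypothetical helper: classify CKA_EC_PARAMS (an X9.62 ECParameters CHOICE)
 * before any EC key is created, generated, derived or unwrapped. */
unsigned long check_ec_params(const unsigned char *der, size_t der_len)
{
    /* Accept only a short-form length that covers the buffer exactly;
     * a named-curve OID never needs the long form. */
    if (der == NULL || der_len < 2 || der[1] >= 0x80 ||
        (size_t)der[1] + 2 != der_len)
        return CKR_DOMAIN_PARAMS_INVALID;  /* malformed, truncated or oversized */

    switch (der[0]) {
    case 0x06:  /* namedCurve: OBJECT IDENTIFIER */
        for (size_t i = 0; i < sizeof supported / sizeof supported[0]; i++)
            if (supported[i].len == der[1] &&
                memcmp(supported[i].oid, der + 2, der[1]) == 0)
                return CKR_OK;
        return CKR_DOMAIN_PARAMS_INVALID;  /* well-formed but unsupported curve */
    case 0x30:  /* ecParameters: explicit SEQUENCE */
    case 0x05:  /* implicitlyCA: NULL */
    default:    /* representation this token does not accept */
        return CKR_DOMAIN_PARAMS_INVALID;
    }
}
```
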