Before attaching a service module, an application can query the OCSF Framework registry using the CSSM_ListModules function to obtain information on the:

• Modules installed on the system
• Capabilities (and functions) implemented by those modules
• Globally Unique ID (GUID) associated with a given module.

Applications use this information to dynamically select a module for use. A multiservice module has multiple capability descriptions associated with it, at least one per functional area supported by the module. Some areas (such as Cryptographic Service Provider (CSP) and Trust Policy (TP)) may have multiple independent capability descriptions for a single functional area. There is one OCSF Framework registry entry for a multiservice module, which records all service types for the module. OCSF returns all information about a module's capabilities when queried by the application. Each set of capabilities includes a type identifier to distinguish CSPinfo from CLinfo, etc.

Applications can query about the OCSF Framework itself. One function, CSSM_GetInfo, returns version information about the running OCSF Framework. Another function, CSSM_Init, verifies whether the OCSF Framework version the application expects is compatible with the currently running OCSF Framework version. The general function to query service provider module information also returns the module's version information.