Replies: 1 comment 2 replies
-
Hey 👋 This is an interesting idea 😊 The main thing I'm worried about in the context of OpenPGP.js, is adding code that won't be used by many users (i.e. distribution size is a significant concern for us). Perhaps we could think about making this some kind of plugin / add-on module? That being said, I don't know if exposing enough hooks for this to be able to make it a separate module makes sense, or is easy to do in the context of our usage of ES6 modules. And perhaps if it's not that much code, it doesn't matter that much. But I think we should investigate this a bit. Regardless of the above, there may be other benefits to having a concept of keys being "stored elsewhere", even for Web Crypto, for example: right now, we import keys into Web Crypto on every usage, and then throw them away again, but it would be cool to defer storing and using the key to (some code that invokes) Web Crypto entirely. |
Beta Was this translation helpful? Give feedback.
-
Hi 👋
I work on Sequoia PGP and just recently I've added support for accessing remote private keys (like keys on OpenPGP Cards, TPMs, PKCS#11 etc.). I've made a mini-protocol for a small set of cryptographic primitives (basically RSA 1.5 sign/decrypt and ECDH derivation, ECDSA/EdDSA signing) accessible over HTTP.
I was wondering what do you think about including support for accessing keys via that protocol to OpenPGP.js?
If you think it's a good idea and could provide a couple of pointers I'm volunteering to send a PR :)
Beta Was this translation helpful? Give feedback.
All reactions