Re: PKCS#7 digital signature in WebCrypto API

Hi. Ryan.

thanks for your mail.

I will try to research more.

thanks again.

regards
mountie.

On Fri, Nov 30, 2012 at 10:29 AM, Ryan Sleevi <sleevi@google.com> wrote:

> On Thu, Nov 29, 2012 at 4:52 PM, Mountie Lee <mountie.lee@mw2.or.kr>
> wrote:
> > Hi.
> >
> > is it possible to generate PKCS#7 digital signature with current API?
> >
> > the current API spec seams supporting only PKCS#1 for digital signature
> > format.
> >
> > I know discussions about certificate is not on the rail.
> > but my question is
> > is our API is ready to expand supporting PKCS#7?
> >
> > regards
> > --
> > Mountie Lee
> >
> > PayGate
> > CTO, CISSP
> > Tel : +82 2 2140 2700
> > E-Mail : mountie@paygate.net
> >
> > =======================================
> > PayGate Inc.
> > THE STANDARD FOR ONLINE PAYMENT
> > for Korea, Japan, China, and the World
> >
>
> CMS is not a signature format. It's a message encapsulation format.
>
> JOSE is ideologically equivalent to CMS, except using a JSON
> representation.
>
> Regardless, you can implement CMS with the necessary low-level
> primitives afforded by this API. I do not believe we should provide a
> high-level API for it. I view this as equivalent to the built in
> "built-in jQuery/MooTools/prototype.js" argument - which is to say, I
> do not support working on CMS, for the same reasons that no one in
> WEBAPPS would consider it viable to implement syntactic sugar like
> jQuery.
>
> Can you point to any aspect of PKCS#7/CMS that cannot be implemented
> in client-side Javascript when backed with browser-provided keys?
>
>
>


-- 
Mountie Lee

PayGate
CTO, CISSP
Tel : +82 2 2140 2700
E-Mail : mountie@paygate.net

=======================================
PayGate Inc.
THE STANDARD FOR ONLINE PAYMENT
for Korea, Japan, China, and the World