The possibility of using JavaScript Object Signing and Encryption (JOSE) - specifically the verification part of the JSON Web Signature (JWS) component - came up as part of planning a JavaScript-based feature I'm working on.

We don't appear to have an implementation in mozilla-central yet. I'm trying to weigh whether to spend extra effort to add JWS support to the tree or to try to shoehorn existing signing solutions to fit my need.

First, does anyone know of an existing browser-side implementation of JWS used by Mozilla? I know we have Python in Marketplace doing signing. We /may/ have parts of Firefox OS doing client-side signing verification. My requirement is for chrome-privileged JS to do X509 signing verification. I'll settle for an XPIDL interface to NSS.

Second, would having JWS support in m-c be beneficial to anyone else?

If this isn't easy to add, I'll probably be lazy and leverage an existing solution. Convince me it is worth doing.

Gregory
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform

Reply via email to