I was wondering whether the integration of JOSE with PKCS11 was not considered for some reason or it was an omission. One could describe private keys of hardware devices using the PKCS 11 URI scheme (https://tools.ietf.org/html/rfc7512) and reflect those in the JWE recipients header, for example, to use such a device for key unwrapping. It may be as easy as adding pkcs11 field(s) to the JOSE parameters (https://www.iana.org/assignments/jose/jose.xhtml)
Regards,
Stefan
Regards,
Stefan
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
