>> This was one of the inputs to the Stan API design.
>>
> Is it anywhere available?
All I could find are early types and prototypes headers (and simple
no-op implementations, just so it compiles I guess):
http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/
I don't think any design docs are available, unfortunately. They'd
probably be a lot clearer than the headers.
> But this would imply, that one (mostly) reimplements OpenPGP for PSM
> or NSS, right?
Probably, depending on how tightly the "math" is tied up with the
mechanism. One thing that was very high on my list was the ability to
store PGP keys (and ssh, btw) on standard cryptoki tokens (even if the
token couldn't support them natively).
Note that at the time, we'd have had to reimplement PGP anyway, to get
an MPL'd version. That still might be necessary, unfortunately, but
that's a question for the mozilla policy people.
Such a ground-up effort is probably way overkill for the simple goal of
supporting PGP in Mozilla. That could probably be more easily done with
two independant implementations, and the cracks plastered over with UI..
