Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Consider OpenSSL for signature generation and verification. #14

Open
priteshbandi opened this issue Oct 1, 2021 · 1 comment
Open
Milestone

Comments

@priteshbandi
Copy link
Contributor

  • We are using homegrown/custom implementation of pkcs7 for timestamp signature, should we consider using openssl?
  • OpenSSl is FIPS compliant so we can offload crypto operations to openssl
@shizhMSFT
Copy link
Contributor

If we use openssl, then the notation-go-lib will not be a pure Go library and will be platform specific.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: No status
Development

No branches or pull requests

3 participants