On Mon, Apr 25, 2016 at 7:50 AM, Kevin Cernekee <cernekee at gmail.com> wrote: > Chrome OS supports the notion of hardware-bound system keys, but it > doesn't provide APIs that can be called directly by GnuTLS or p11kit. > Instead, the application's NaCl module needs to pass certificate > queries and signing requests back to JavaScript code that invokes the > chrome.platformKeys APIs. This is implemented by registering a handler > for URLs starting with the (somewhat arbitrarily chosen) "app:" prefix: Would it make sense to include that support in gnutls directly?
