[Cryptography-dev] HSM and other algorithms

[Alex]

Hi,

Having reviewed the documentation of `cryptography` and looked through
the available examples, I still have some unanswered questions.


1. how to use an HSM for private key storage? Are there any high-level
features for this purpose, or is one expected to be familiar with how
a specific backend deals with it?

2. are there plans to introduce high-level primitives for XAdES or
PAdES signatures? Or is it outside the scope of the library (and we're
supposed to do it ourselves via hazmat)?

3. what's the preferred method of requesting new things? Say, I would
be interested in a sample that covers "how to produce PKCS7
signatures?", do I just open an issue on Github?



I have previously used other Python crypto libraries, and
`cryptography` looks clean and organized; it is certainly a step
forward from having to fish for answers in OpenSSL code to figure out
how a wrapper calls it.

It is great that you have examples embedded in the documentation
itself, that will be greatly appreciated by people who are looking for
starting points.


Alex

p.s. eagerly waiting to find out which directions will be chosen with
respect to parsing ASN1 structures :-)