-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 23.02.14 10:47, Daniel Kraft wrote: > Hi! > > On 2014-02-22 23:42, John Clizbe wrote: >> Robert J. Hansen wrote: >>> Daniel Kraft wrote: >>>> Ok, I see.... So you don't think that Enigmail would want >>>> to add some extra functionality over GnuPG's OpenPGP stuff? > >> No. > >>> Although I am part of Enigmail's help team, I don't have any >>> say in Enigmail's future direction -- nor do I want to have a >>> say. :) > >> Also a team member > >>> What I will say is this: historically, Enigmail has been >>> tightly focused on supporting OpenPGP via use of GnuPG. That's >>> been one of our strengths over the years. As soon as we open >>> the door and start supporting things that are, at present, >>> completely unrelated to OpenPGP, we lose our focus. > >> Indeed. There is only one feature of Enigmail that I can think >> of that is not dependent on GnuPG -- Per-Recipient Rules. >> Everything else relies in one way or another on GnuPG. Enigmail >> is a front-end to GnuPG for Mozilla-based email platforms. That's >> all. To borrow from Doug McIlroy, "Do one thing and do it > > Ok, I get it. If that's your goal with Enigmail, I fully > understand. > >>>> Do you think this is an extension that could eventually be >>>> accepted into OpenPGP? > >> Personal opinion, no. The OpenPGP standard doesn't deal with key >> storage or retrieval issues. > > Exactly that's also my opinion (without being an expert), and > that's why I thought that a place like Enigmail would be where > such additional features are best implemented. > > Where do you suggest to add this feature then for those who are > interested in key verification via Namecoin? A custom fork of > Enigmail, or some other place? You suggest that it should be done > higher on the protocol ladder, but this contradicts your statement > above as far as I understand it.
The problem with implementing Namecoin support in Enigmail is that the functionality is restricted to Enigmail (what a surprise), and you cannot use it if you use e.g. KMail or Mail.app. I.e. both, the key owner and the recipients need to use Enigmail. But if you want to reach more users, then you better implement it such that all applications building on GnuPG can use it without having to do any additional work. I think the best place for this is GnuPG. Just like key server functionality is implemented in GnuPG. > I agree that it is a fully "complementary" feature that is not a > core functionality of OpenPGP at all. That's why I also think it > doesn't make sense to have it in OpenPGP itself, and why my first > thought was that Enigmail is a better place to implement it than > the GPG core. You should distinguish between OpenPGP (which is a protocol) and GnuPG (which is an application implementing the OpenPGP protocol, but also some other related protocols like HKP). [...] > This is not what Namecoin (or at least my current suggestion) is > about. It is instead an *alternative* to the WoT for verifying > GPG keys, not an extension of the WoT. Fully understood. But the WoT is an important aspect of GnuPG, not Enigmail. Enigmail doesn't care why you trust a particular key and how that trust is created. - -Patrick -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEVAwUBUwnQmsk25cDiHiw+AQg/+Af/dXYFuDfcWjRsiNbAF3rN8Z6DSmzwLWrn kPPy8+ohat1kch2hjRP2F3C5xKglhxNAbcLbrsYPFaNoB6N48fDfpId5Qq8jmSSI QPmP9iL+cuWm3Qh1CaMVqwE+Xj3BK3oYwdPyaxJOSx16SaLucTFgEBNOpGaPGqgU xpTTqYPfHwG7ax3kaW3hnyaGNhWdRoowZ3czHjTxw7nwFBqVmZFXBMyee1Ld5qaj syulWnGuZUP94ZvNqzmf9JEAP9jAwxV93cC/vVUFUCXrchzXknPZ8xrMlR5XmRrM pS4PvbwesrA4BUL3pgudPdBqtug49SMlgZwH92VfzQDl/1UcxREPMA== =oqka -----END PGP SIGNATURE----- _______________________________________________ enigmail-users mailing list [email protected] https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
