|
PGP/GnuPG is a very
critical and highly detailed, feature rich program. _javascript_
is not an appropriate tools for such work; it should be done in C. the real issue that is, and has been missing in the whole private authentication area is: how best can ordinary users generate public/private keys and then get their public keys authenticated and uploaded. i think a dedicated device for carrying they keys might be needed. the authentication and uploading should be a service at any DMV, Credit Union, County Clerk or Notary Public . as properly noted in this message key management is the issue that is not well understood and certainly not well implemented. we will need more than a _javascript_ to fix this . and it needs fixing : failure to authenticate is one of the main faults that facilitates fraud -- at every level . On 11/10/2015 03:55 PM, Daniel Kahn
Gillmor wrote:
Thanks for raising the issue, Robert. I think the move off of xul to pure _javascript_ is a good and healthy one regardless of any other related (or unrelated) outcomes -- _javascript_ is actually maintained, and xul is on life support. Having a single simple codebase will be a good thing.That said, i think the specific question you raise below is worth more consideration: On Tue 2015-11-10 13:31:42 -0500, Robert J. Hansen wrote:To start things off, here's my contribution: what would people think about abandoning GnuPG in favor of moving to OpenPGP.js, a _javascript_ implementation of OpenPGP? This would make installing Enigmail vastly simpler, as we'd no longer have a dependency on a third-party application. Also, we'd only have to support one codebase, instead of dealing with people who were using GPGTools, GPG4Win, distro-provided GnuPG, and more. -- /Mike |
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
