Hi, On Wed, 07 Dec 2011 14:09:17 +0100 Carsten Wentzlow <[email protected]> wrote: > > I think the one thing we might want to break off is the > > incorporation of the implementations (in your case the gmail > > extension code), just because the goal is to create something of a > > universal library. If I look at your code outline correctly it > > looks like the objective is to create a universal webmail extension? > > I lined out a project structure with the goal to create plugins for > browsers allowing a user to use openpgp on any webmail page. This > follows the gpg4browsers idea and requires writing code for browser > plugins as well as writing an integration for webmail providers.
if you take out the functionality for incorporation of use-cases, be it the Chrome extension, other extensions/Add-Ons, glue code for various webmail provider, etc., I think you might reduce this project to absurdity. Think about it: PGP/GPG adoption is low not because the core libraries are bad or not available on many platforms. Adoption is low because integration in mail clients essentially sucks and messages composed by one are often not decryptable by the other. The essential benefit of the JS implementation is to provide all the interfaces for integration in ONE place, so you can do continuous testing/build and make sure that the email client chaos is not repeated. Carsten already explained nicely how much work went into getting it to work with just gmail. That's the real benefit we are providing here. Also, this is security relevant code. When you change anything in the core libraries, you must absolutely make sure the consumers of the library are not negatively affected. Hard to do when you need to hunt them down in other repositories. If anyone only needs encrypt/decrypt/sign/verify, just don't copy the /webmail and /browser (or whatever we call them) path. At the end of the day, who gets hurt with a few more directories in the source tree? We already have people waiting that want to do Firefox and other extensions. I'd say let them do it. cheers Felix -- Recurity Labs GmbH | Felix 'FX' Lindner http://www.recurity-labs.com | [email protected] Wrangelstrasse 4 | Fon: +49 30 69539993-0 10997 Berlin | PGP: A740 DE51 9891 19DF 0D05 Germany | 13B3 1759 C388 C92D 6BBB HRB 105213 B, Amtsgericht Charlottenburg, GF Felix Lindner _______________________________________________ http://openpgpjs.org
