Hi Thomas, Great to hear that. This is basically the core reason why the OpenPGP.js project was initiated. Very good that we all share the same basic idea...
Best regards, Alex -- Sent from my mobile phone, please excuse my brevity On Sunday, 19. August 2012 at 12:09, Thomas Oberndörfer wrote: > I'm also currently working on a chrome extension. My main focus is to provide > a generic solution that is not bound to one specific webmailer. > The OpenPGP functionality should be integrated into the webmailer UI (so no > separate tab solution) and work for as many providers as possible. > I do this by scanning the page for the PGP header and then injecting an > overlay that is placed on top of the PGP text. > > It's already quite ready to release, so I hope this can be done next week. > > I also see that current PGP solutions on the desktop will only attract > specific users. So the question that I had when I started this project was: > how can I reach the average user? What can be done to improve usability? > > My assumption is that for the majority of users webmailer offer the best > solution (on the desktop). It looks like it's a trend that has a growing > impact: > stop of active development on Mozilla Thunderbird was already mentioned and I > also was quite impressed when I saw what Microsoft is offering with > outlook.com. > > That means: let's build generic OpenPGP browser plugins for all the browsers > out there and we reach maximum amount of users. > The bad news is: there is mobile with native apps. Here I see the gaia email > app brought up by Tankred interesting: if this could be > the basis for a mobile email client that runs on all platforms this would > fill a gap. > > @Sean: thanks for creating the roadmap. BTW for the versioning I would also > prefer a classical x.x.x scheme. Maybe that can be worked on once > the roadmap is more clear. > > Thomas > > > 2012/8/13 Tankred Hase <[email protected]> >> I wasnt trying to suggest that you or anyone do this work. Sorry if it came >> across like that. I was mearly trying to get your technical opinion on such >> an email app, since you had already done the gmail extention. >> >> One of the painpoints I see with PGP on the desktop is getting everything >> installed and configured is probably too much for the average user. What >> struck me when I saw imap client implemtation in js, is that one could take >> this and bundle it with openpgp.js into a simple to use preconfiged email >> app. >> >> The point with the seperate namespace is interesting though. Thanks. >> >> Tankred >> >> Am 13.08.2012 06:11 schrieb "Sean Colyer" <[email protected]>: >>> I hadn't seen that work, but it does look interesting. I'm not quite sure >>> what work you were envisioning I, or the openpgp.js team, would help with >>> this project. I think the most likely path would be to just make openpgp.js >>> work with Firefox (when it's ready) and allow gaia to craft an >>> implementation. >>> >>> For my intentions, the sandboxing is actually advantageous for security of >>> the extension because it means that the private key is stored in the >>> extension namespace rather than gmail's. >>> >>> I do not foresee myself extensively working on a direct implementation with >>> gaia, but perhaps I could help them get a start if that would be helpful. >>> >>> Sean >>> >>> >>> On Sat, Aug 11, 2012 at 7:48 PM, Tankred Hase <[email protected]> wrote: >>>> Hey Sean, >>>> >>>> I was wondering if you've seen the work Mozilla is currently doing on its >>>> Firefox OS email client. They are building an IMAP client in js, which is >>>> being optimized for syncing with gmail and yahoo mail. >>>> >>>> https://github.com/mozilla-b2g/gaia-email-libs-and-more >>>> >>>> Also David Dahl confirmed window.crypto.getRandomValues() is now >>>> implemented in gecko and is to be in "FF 17, maybe sooner". >>>> >>>> I dont know if you have been following crypto.cat in the last few days. >>>> They are going extention only in cryptocat 2, offering apps for chrome and >>>> mozilla WebRT and disallowing direct webusage over https. >>>> >>>> I have taken a look at your Chrome extention for Gmail. A complete signed >>>> installable email app could perhaps deal with some of the issues regarding >>>> sandboxing, code delivery and storing the private key in the gmail domain. >>>> What do you think? >>>> >>>> Tankred >>>> >>>> >>>> _______________________________________________ >>>> >>>> http://openpgpjs.org >>>> >>> >>> >>> _______________________________________________ >>> >>> http://openpgpjs.org >>> >> >> _______________________________________________ >> >> http://openpgpjs.org >> > > _______________________________________________ > > http://openpgpjs.org
