On Sun, 7 Jul 2002 21:57:44 +0200 (CEST) Thomas Finneid <[EMAIL PROTECTED]> wrote:
TF> Iīve taken a quick look at the mail encryption and specifically GPG. Thanks for doing this! Your message is very valuable. TF> - certificate/passphrase management TF> I suggest using something similar to ssh-agent. The user only types TF> in the certificate passphrase once, and then the agent stores TF> the opened certificate for later use. Ok. TF> - storage of messages TF> I think its better narrow it down and say that only the TF> composer/viewer should do the encryption/decryption at run time. I agree. TF> - mime implications TF> I donīt know exactly how this works yet, Me neither. Have you found which documents describe this? TF> but as far as I know a TF> signed or encrypted message has a mime type of: TF> PGP: multipart/signed or multipart/encrypted. TF> S/MIME: (signing): multipart/signed or CMS format TF> (encryption): application/pkcs7-mime TF> TF> This suggest to me that the MIME part of the issue is local and not TF> global. So the logic for dealing with it should be in MessageViewer::ProcessPart() (i.e. in the viewer code). For the composer we'll probably only allow encoding the entire message at once for now. TF> - ui suggestion TF> I like the way netscape did it, completely transparent. I will take TF> a look at the details of how it works, since I havenīt used it TF> since 97. And I've never used it at all, so a description would indeed be welcome. TIA! TF> - M decrypts/verifies the message/signature silently in the TF> background when the reader opens the message. An icon in the TF> viewer shows the status of the message (whether the message or TF> signature is valid or not). Ok. This is what the "viewer bar" was supposed to be for. TF> either all messages are either encrypted or signed (preference) TF> or marked recipients have their messages encrypted/signed (preference) TF> TF> In addition there should be a possibility to tell M specifically if TF> a certain message should be signed/encrypted. Good idea. TF> ISSUES SUMMARY [saved for further reference] I propose to start with implementing support for viewing encrypted/signed messages. It is probably simpler and, AFAIK, indepent of composing them. And we'll probably gain some experience while doing it, i.e. some "small" issues such as integrating with the external libraries and such will be solved in process of implementing it. What do you think? VZ ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf _______________________________________________ Mahogany-Developers mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/mahogany-developers
