On Thu, 12 Dec 2002 00:47:20 +0100 (Romance Standard Time) Vadim Zeitlin <[EMAIL PROTECTED]> wrote:
> On Wed, 11 Dec 2002 15:56:56 +0100 Xavier Nodet <[EMAIL PROTECTED]> wrote: > XN> I started something to implement PGP/Mime signature verifications. The > XN> two strings (signature, and signed text) are ready to be used. > Nice, thanks! Actually, I am now able to verify PGP/MIME signatures... But this is not nice at all: I pop-up a warning to display the results, and I do not check the PGP button in the viewer bar. I believe we should have a much better way to show those signature verifications. One thing in particular, is that it should be very clear which parts of the message were actually signed. I was thinking to something like 'boxing' the signed part: ====================================== From: foo To: bar Subject: baz Hi, here is the result. _______________________ / | Here is the signed part | of the message | | Attachement: a_file \_______________________ Thanks. ====================================== This seems to me particularly important for MIME messages: attachements can be signed or not: this should be prominent. The problem is that there are two very different parts of the program that deal with signature verification: MIME parsing, and text display. I suppose we should create some meta-data for those crypto properties, and those meta-data are used to display the message. > One point I'm absolutely sure about is that it [the PGPEngine > instance] should be created on demand only (i.e. there should be > GetPGPEngine() somewhere which would create it when it's called for > the first time). I am not against that, but why do you insist on creating on demand? It is not so heavy a class, is it? > Second point is that PGPEngine is actually a module so we can always > get it "by name" (as PGPFilter ctor does). That's what I understood. And I did the same as in this constructor for my prototype implementation. > Finally, there should be > a way to disable this which should probably be done by unchecking > PGPEngine entry in the modules dialog -- and so we should test if > READ_APPCONFIG_TEXT(MP_MODULES) contains this module name. Fine. > The only problem I see is that I don't know when should it be > deleted... I guess there are two cases: when options are saved and the user chose not to load this module, or when the program is closed. No? -- Xavier Nodet "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin, 1759. ------------------------------------------------------- This sf.net email is sponsored by: With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel http://hpc.devchannel.org/ _______________________________________________ Mahogany-Developers mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/mahogany-developers
