On Tue, Sep 11, 2012 at 9:07 PM, Jason A. Donenfeld <[email protected]> wrote: > On Sat, Sep 8, 2012 at 11:03 PM, Marcus Breese <[email protected]> wrote: >> So, I'm the guy that was talking about a Chrome extension. >> >> I'm not quite sure how to do a lot of the Chrome parts, but it should be >> pretty straightforward to get the URL of the current tab, then send that to >> a pass daemon running locally. The gpg password could be kept by Chrome >> (probably not a good idea), or managed normally with a gpg key agent. Then >> the daemon could add the decrypted password to the clipboard for a limited >> amount of time. Ideally, it would return the username/password so that the >> form could be auto-filled out (similar to the way that LastPass works). >> >> The weak link in this is the Chrome-daemon link. Ideally, this should be >> authenticated and encrypted, even if it is operating on the same machine. >> The benefit of using a daemon is that it could be a standard interface for >> multiple browsers, and you wouldn't have to compile a plugin for the browser. >> >> Those were my random thoughts. What did you have in mind? >> >> -- >> Marcus Breese >> [email protected] >> > > Replying to this on list, so that others can chime in on the discussion. > > Any suggestions for the best architecture of this? Take the > organization discussion [1] under consideration too. > > [1] http://zx2c4.com/projects/password-store/#organization
Hey guys, Let's revive this discussion. Where we left off last time was: plugin interface vs tcp listener. Any further thoughts on the matter? Any more clever way of giving chrome plugins access to local files in a safe way? Jason _______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/listinfo.cgi/password-store-zx2c4.com
