RFC

Taral taral@taral.net
Thu, 9 Nov 2000 13:08:47 -0600 (CST)



This is a Request For Comments:

An interesting point has been made. GPG implements a lot of
process-level security which cannot be simply put into a library
(setuid-root stuff).

Therefore I recommend that GPG be broken up into the following:

* Processing libraries
  * Algorithms
  * Format handlers
  * etc.
* Data handling layer (handles keeping data secure)
* Command line interface
* IPC interface

This way, we can provide what is needed at each point -- direct C
interface for those who just want to check signatures rapidly, IPC
interface for those who want to do more secure things, and command line
for those who use scripts (and users).

Note: The data handling layer would actually be the program driver. It
would contain "main". The IPC + cmdline interfaces could (in theory) be
dynamically loaded, although this might be a security risk.

-- 
Taral <taral@taral.net>
Please use PGP/GPG to send me mail.
"Never ascribe to malice what can as easily be put down to stupidity."
