TOFU code available
aheinecke at intevation.de
Wed Oct 21 13:29:20 CEST 2015
On Tuesday 20 October 2015 22:36:57 Werner Koch wrote:
> On Tue, 20 Oct 2015 19:46, aheinecke at intevation.de said:
> > I've not yet tested what happens in case of conflicts where the command
> > line would ask questions. Maybe bring up a pinentry prompt for that?
> Nope. We should not overload the Pinentry with functions it is not
> designed for.
I think it makes sense though. We already have pinentry asking for Root
Certificate trust in S/MIME and imo the TOFU questions fall in the same
category. It's just a dialog with a question and some options.
Some advantages I see:
- User visible strings would all be in GnuPG itself. (And thus unified and
centrally l10n'ed) And the same as in the CLI.
- It would be controlled by GnuPG. If there are changes they are always in
line with the GnuPG version.
- No need for a complex protocol to handle these interactions through gpgme.
And there would be no need to adapt existing MUA's :-)
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-devel