Thoughts on GnuPG and automation

Bjarni Rúnar Einarsson bre at pagekite.net
Sat Feb 28 13:57:50 CET 2015


Hi Dan,

I dedicated most of the blog post to answering that question (why it
breaks Mailpile), did you not read it or did I fail to communicate?

- Bjarni
On 28 Feb 2015 12:44, "Daniel Kahn Gillmor" <dkg at fifthhorseman.net> wrote:

> On Fri 2015-02-27 07:19:41 -0500, Bjarni Runar Einarsson <bre at pagekite.net>
> wrote:
> > I think you misunderstood my complaint. I don't mind if the agent is a
> > persistence daemon that provides GPG-related services, that's all well
> > and good. It's good process separation and I have no problem with that.
> >
> > My gripe with the agent is the agent is controlling the UI of
> > authentication. This breaks Mailpile, and this is one of the key areas
> > where GnuPG crosses the imaginary line between library/utility and
> > "application". Fixing this was point 1. in my list of suggestions and
> > explaining why it was necessary was the bulk of the post.
>
> The only part of the UI that the agent controls is prompting the user
> for use of the key, and passphrase entry upon unlock.
>
> Why does this break mailpile?  I prefer the agent to have separate UI
> from the tool that uses the agent, because i don't want tools that
> use the agent to be able to mask the agent's UI.
>
> I'm quite happy that enigmail (for example) appears to be dropping plans
> for non-agent use of secret key material.  this should be a simplifying
> change, and it should make it easier for systems to integrate OS-level
> prompting and feedback to the user independent of which application uses
> the secret key store.
>
>             --dkg
>


More information about the Gnupg-users mailing list