mutt smime support
Thomas Roessler
roessler@does-not-exist.org
Wed Oct 10 18:46:04 2001
On 2001-10-10 17:10:05 +0200, Werner Koch wrote:
>The problem in using OpenSSL is that it is not GPL compatible. So
>there is no way for us to base it on OpenSSL.
There is no problem with calling other, OpenSSL-based command line
utilities from GPLed software. Just produce a well-defined,
command-line-based interface.
(Oh, and also try to avoid using the GPL whereever you can. ;->)
BTW, I seem to recall that there's another SSL implementation from
Netscape/the Mozilla project which may also have the things you are
looking for.
>We should discuss with Thomas on how to create a common MOSS
>interface. The currently used command line interface is somewhat
>limited.
I'd seriously prefer to stick with a command line interface to the
cryp to back-end - it's most easily integrated in all kinds of
scripts and programs, the interface can easily be made configurable,
and it's most compatible to the Unix paradigm of small tools which
do one thing well.
On 2001-10-10 17:19:05 +0200, Stefan Marsiske wrote:
>MOSS???
Basically the predecessor of S/MIME - it was an attempt to marry PEM
(Privacy-Enhanced Mail) with MIME. While MOSS and PEM themselves
aren't used any more, MOSS is where multipart/signed and
multipart/encrypted come from. Much of the basic design paradigm
for S/MIME and PGP/MIME comes from there.
However, it should be noted that MOSS falls rather nicely apart into
two layers: MIME handling and crypto handling. In particular, the
cryptography layer does not need to know _anything_ about MIME.
Thus, designing things with MIME and crypto in mind at the same time
may be a bad idea for most of the software you are going to write.
Just think about encrypting and signing arbitrary data which is fed
through some pipe or temporary file from some other, undefined
layer. This data may have been ripped out of a MIME message, and it
may also have a MIME structure itself - but that's none of the
crypto back-end's business.
MIME handling, on the other hand, is most likely being done vastly
different in different mail user agents, so sharing code to do that
would be quite difficult.
However, that MIME handling isn't the complex part with integrating
*/MIME, once you have the back-end: Getting key selection done right
is. And that's another thing which is closely related to the MUA's
structure, design and code.
--
Thomas Roessler http://log.does-not-exist.org/