Various design questions

Simon Josefsson jas@extundo.com
Mon Oct 22 12:01:01 2001 

George Staikos <staikos@kde.org> writes:


> On Saturday 20 October 2001 13:58, Bernhard Reiter wrote:

>=20

>> >    I know that you have to make this compatible with Mutt, but do you =

not

>> > agree that things like key management should be integrated with the KDE

>> > crypto manager?  I think it would be unfortunate for users to have to

>> > import their keys in two places and manage them twice.

>>

>> The optimal solution would be that keys are held in one place

>> and can be accessed by several "front-ends".

>> GpgSM will be this part in the diagramm of

>> 	http://www.gnupg.org/aegypten/tech.en.html

>>

>> AFAIUI Gpgme will be the api which can be used by several programs

>> to control the keydatabase.

>=20

>    The only real way to get this to work now is to have the KDE GUI searc=

h=20

> both key databases.  We have to have our own.  Not anyone will want to=20

> install this project but they may want to use SSL in Konqueror or code=20

> signing in Reaktivate.   This also raises another question:  When a user=

=20

> imports a new key via the GUI, which database does it go into?  The GPG o=

ne=20

> or the KDE one?  Or both?  Or do we prompt the user?  I guess by using th=

e=20

> md5 fingerprint it's easy to remove duplicates so that isn't a problem.=

=20=20

> KMail should use the KDE key manager though, not the GPG one  (but the KD=

E=20

> key database can of course merge at runtime with the GPG one).  It would =

be=20

> terribly unfortunate for a user to import a key into the KDE database and=

=20

> then not get to use it from within a KDE application.


IMHO there should be a command line interface (or dynamic library
ditto) to =C4gypten, and Kmail etc could use it, via the KDE key
manager.  Then non-KDE stuff such as Gnome and other applications
(e.g., Emacs) could interface to the same database as well, without
the need of interfacing with a full-blown widget-specific GUI.  It
would be unfortunate if all programs that need security has to require
KDE, especially considering text-only apps such as Mutt.