PIN-Entry
Werner Koch
wk@gnupg.org
Tue Oct 23 17:36:07 2001
Hi!
I have just defined the protocol used to communicate with the
PIN-Entry - pretty simple indeed (assuan-pinentry.txt in the
aegypten-specs module).
Because the PIn-Entry is a small GUI utility we can just fork and exec
it whenever we need some interaction. This makes the communication
pretty easy, as we only need to use 2 pipes for it - actually this
will be stdin and stdout of course.
I have thought again about the issue of passphrase caching and came to
the result that it is better to let the gpg-agent (who invoked the
PIN-Entry) do that. For various reasons, the gpg-agent has to stay in
memory anyway and is therefore the best place to keep some sensitive
sesion data.
It might be best to write it as a standalone QT utility without a need
for any KDE libs - it has to grab keyboard and mouse anyway, so it
does not matter whether it has all the nice KDE standard features. In
fact it should not have them and cut+paste should not be possible.
Werner
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus