Re: PGP/MIME [was Re: Balsa Encrypts messages with GnuPG!]



On Wed, 3 Jan 2001, Alan O wrote:
> 
> I looked at your API, and I must admit it looks really nice, and would be
> a
> much better implementation than what I have written. BTW, Mine does also
> support encryption and sign+encrypt, but like I said before, only for the
> main part of the message (the one typed in the window). All the rest is
> left untouched. I cleaned up the code, and now it handles basic
> exceptions
> like bad password, missing key, missing gpg binary, and such, but the way
> the code handles these things will probably have to change slightly for
> decrypt/verify as it's really somewhat of a hack.

Be careful with decrypt, you can't be sure the thing you are decrypting is
ascii. I caution you with that for encrypt and sign and the others as well.
(decrypting pgp'd data is another problem with inline-pgp implementations -
you can never be *sure* that what you are decrypting is plain text).

> 
> Anyway, what's the best way to get my code into the hands of someone, or
> everyone, to review it and make a decision about adding it or chucking it
> or whatever? I've looked through the FAQ's and I can't really see how to
> do
> it (maybe I overlooked it?). This is my first open-source/cvs
> contribution.

You could probably send in a patch and people would review it or perhaps
posting it to a web site? Sending a diff to the list'd prolly be best
though. I guess it depends on how big it is (I'm not a Balsa developer so I
can't say for sure).

> 
> As far as inline "hacks," they aren't as good as PGP/MIME, but they are
> still used. In fact, Eudora uses inline encryption by default (at least
> on
> the version I have). I would imagine that there are clients that only
> support inline encryption (don't have any evidence because I don't have a
> linux mailer that supports PGP/MIME :) ).

True, which is why it'd be good to support receiving them. I'd still avoid
sending them though.

Btw, don't take my "flames" personally - I know you've probably suffered
through a fair amount of hard work to get to where you currently are with
your patch. I just think that PGP/MIME is the better path.

Jeff




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]