Re: SFL and Balsa

From: "Timothy Ang" <leonhong2001 yahoo com>
To: <wil dready org>, "Brian Stafford" <brian stafford uklinux net>
Cc: <balsa-list gnome org>
Subject: Re: SFL and Balsa
Date: Mon, 15 Oct 2001 20:41:28 +0800

CDSA or Common Data Security Architecture spearheaded by Intel,
attempts to set an vendor and technology independent open-source
common security standards for applications.
More can be found at http://developer.intel.com/ial/security/index.htm

I heard that a lot of companies are using CDSA as a middleware to
implement their security layers in their applications.

Unfortunately, one has to implement the functions in their Messaging API
extensions, which makes a huge drawback in using CDSA in email clients.
In actual fact, SFL, developed by RSA, is not that popular in Linux.
It is mainly used in Windows. I guess RSA's reputation was tarnished by Hugh
Jackman
in the movie Swordfish...

You mentioned there's a SMIME patch for mutt. But I have noticed that Balsa
uses
Gnome to recognise the attached file's mime-type. Thus unless one registers
the file
extensions in a system file, Gnome is going to "stereotype" the file as
"application/octet-stream".
Is it possible to "plug" it into Balsa, especially in labelling what
protocol or encoding algorithm
in encryption in the mail headers? How useful will it be to use this patch
alongside with SFL?

Best Regards,
Tim

----- Original Message -----
From: "wil" <wil@dready.org>
To: "Brian Stafford" <brian@stafford.uklinux.net>
Cc: "Timothy Ang" <leonhong2001@yahoo.com>; <balsa-list@gnome.org>
Sent: Monday, October 15, 2001 7:41 PM
Subject: Re: SFL and Balsa


> Timothy: What's CDSA?
>
> >
> >Anyway the point is having S/MIME does not preclude the use of PGP/MIME.
> >
>
> But they are completely different and not-interoperable. It'd be great if
> Balsa could support both, but that's not an easy job. See below.
>
> >>  > Another thing is, it is fairly difficult to both support S/MIME and
> >>PGP at
> >>  > the same time (I don't even know of any commercial mailer that can
> >>do it).
> >>  > GPG Made Easy is an API that is supposed to be generic but it looks
> >>pretty
> >>  > young a project.
> >
> >Wrong.  Read up on multipart/encrypted (RFC 1847).  Any number of
> >mechanisms
> >can coexist in this framework.
> >
>
> I'm referring to the implementation i.e. support both in a consistent
> interface in Balsa. Conceptually the operations are mostly similar, sign
> with private key, encrypt with public key, verify with public key, decrypt
> with privkey etc. I've seen the SMIME patch for mutt, it uses lots of
> #ifdef's mainly because mutt was hardwired for PGP. It would be painful to
> do that in Balsa. But is it worth defining an abstraction for just two
> standards?
>
>
> | wil                   |
> | http://www.dready.org
>


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Follow-Ups:
- Re: SFL and Balsa
  - From: wil

References:
- SFL and Balsa
  - From: Timothy Ang
- Re: SFL and Balsa
  - From: Brian Stafford
- Re: SFL and Balsa
  - From: wil
- Re: SFL and Balsa
  - From: Timothy Ang
- Re: SFL and Balsa
  - From: Brian Stafford
- Re: SFL and Balsa
  - From: wil

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]