Re: Complaints about GPG Key



Am 10.12.08 09:21 schrieb(en) Paweł Sałek:
Actually, I believe gpgme library should provide an interface to perform the action "try verifying, if the key is missing, fetch it"... It could alternatively provide two actions "verify", and "fetch key" so that balsa can do if(verify failed due to missing key) { fetch key; verify; }

No, this isn't something for gpgme, which simply provides an abstraction for a whole bunch of crypto backends, including, but not limited to, gpgme (pgp keys), gpgsm (s/mime certificates, smartcards, and similar devices), and possibly more in the future. The backends are supposed to trigger anything which is needed for that. E.g. gpgsm will ask scdaemon, which in turn triggers pinentry popping up as to unlock your smartcard.

We just ask to gpgme to (en|de)crypt or verify something, and let it take any proper action for that operation (which, btw, might also include the smartcard in the gnupg case!). If that fails for whatever reason, return an error. If something should be done automagically by the backend, configure the backend appropriately - this is probably completely different for each and every backend (compare gpg to gpgsm). The button in Balsa to download a gpg key (or check for updates) is somehow against this philosophy, but simplifies life for a common case.

Cheers, Albrecht.

Attachment: pgpTITI7b3XYR.pgp
Description: PGP signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]