On Sat, 2 Apr 2005 06:30 am, Nielsen wrote: > I've drafted a proposal for a DBUS encryption API. It's meant to be > desktop neutral, and encryption system neutral (ie: OpenPGP vs. S/MIME). > > The Draft: > http://freedesktop.org/wiki/Crypto Apart from the "remember what we did last time", I'm not sure what this is meant to provide in terms of additional functionality over what could be done with a shared library. Can you explain what you are trying to achieve by a crypto API? If I understood that, I might be able to make a more informed comment. First look over: * why the choice of key types (openpgp and smime)? * are you trying to replace existing key agenst (eg for ssh or GPG)? * what is the format for org.freedesktop.Crypto.Keys.ImportKeys and ExportKeys? * how do you handle usage specific trust (eg I trust a certificate or key for a game server, but I wouldn't trust that certificate for my online banking)? * org.freedesktop.Crypto.TextOperations.EncryptText() and .DecryptText() appear to be pretty GPG centric. What if I want to encrypt with Blowfish, CBC mode, with a specific IV, PKCS7 padding? * same for TextOperations.signText and VerifyText. What if I just want to do HMAC using SHA256? *same for URIOperations. * are you confident that DBUS is secure enough for this? Brad
Attachment:
pgpPjlwjV8T6h.pgp
Description: PGP signature