[no subject]



Anyway the idea I've implemented is something like:

 * The design allows displaying of certificates from any source. One
   major problem with the libcryptui APIs was that the transformation
   between the key handle and their representation inside of the
   calling application. It worked okay when simple PGP text based
   encryption was used via DBus, but that's about it.

 * A GObject based interface for certificates. This interface is
   implemented by various sources of certificates. For example
   one source may be a simple file, another may be the NSS library.

   Currently this interface is CruiX509Cert. The implementors of this
   interface supply the DER encoded certificate data, as well as other
   data possibly.

 * libcryptui gained a dependency on libtasn1, in order to parse the
   DER data and display it as certificate information.

 * I'm using a the prefix 'crui' to differentiate this from the older
   libcryptui APIs. Also it's shorter, and these C API names get so
   long :(

 * How will PGP key selection and display fit into this? I'm not
   exactly sure yet. It sure would be nice to be able to display
   PGP keys without importing them, and perhaps doing our own
   parsing of the key data (similar to how we'll parse DER data
   in X509 certificates) may be the way to implement this
   flexibly. Use opencdk?

These are just some of the aspects, and it's a lot to think about or
plan out. For example, should this live in a separate GNOME module?
However I think this'll get us started in the right direction. Please
feel free to pitch in with ideas, comments or code :)

Cheers,

Stef Walter

PS: Sorry for a bit of an absence from the bug fixing on seahorse and
gnome-keyring for the past several weeks. And props to everyone who's
been polishing and fixing rough areas in these projects!



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]