On Thu, 2016-03-10 at 10:08 +0100, Nikos Mavrogiannopoulos wrote:
Lenka had a nice idea for the interface to select certificates. If the selected by the user file contains a combo of usable certificate/private key, allow pressing OK. If not print something in the windows (not popup), e.g., private key not yet specified, and keep the window open for the user to select it.
Yes, that's exactly what Tyagi is working on, hopefully as as GSoC project for GNOME. I've pointed him at Lenka's ideas, and even put one of the mockups into https://bugzilla.gnome.org/show_bug.cgi?id=679860 In Comment 5 there I have outlined how I think the UI should flow — and yes, it involves prompting for passwords as required, and continuing to prompt for a private key file (or PKCS#11 location) if the location chosen for the *certificate* doesn't also contain the key. But I *don't* want Tyagi to get bogged down in the minutiae of dealing with the various specific file formats. That's the kind of thing that the crypto libraries are supposed to handle for us. -- David Woodhouse Open Source Technology Centre David Woodhouse intel com Intel Corporation
Attachment:
smime.p7s
Description: S/MIME cryptographic signature