Re: Mime part viewers, support for PGP, ICS files and others

[Nate Nielsen <nielsen memberwebs com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Philip Van Hoof wrote:
> o. a mime-part view that shows and deals with PGP mime-parts being
> security keys. The integration with frameworks like Seahorse will happen
> via the implementation of this mime-part view.

Just for the record, Seahorse supports key selection, key listing, key
importing and basic text *cryption/validation via its DBUS interface. It
doesn't try to expose every PGP related operation. In particular, PGP
has a mess of different MIME (and not so MIME) standards when it's used
with email. Seahorse isn't much involved in that part.

> Another example will be a PGP mime-part. The action to handle (viewing
> it) the PGP mime-part might simply be asking Seahorse whether or not the
> PGP key is a valid one. And if not, Seahorse would probably return
> something bad so that the view can show a red label telling the user
> that no, the key is not okay. Or a green label telling the user yes, the
> key is okay.

The concept is cool.

However, this specific example won't work as expected. There's no way to
return information about a non-imported key. The GPG developers state
(and they are technically correct) that importing a key into the user's
public keyring is a non-destructive and non-security sensitive operation
by nature. This is true when the user uses 'PGP owner trust' and the
'web of trust' properly.

I imagine that when this PGP mime-part is implemented, the seahorse DBUS
interface (libcryptui actually) will probably need some upgrades. It's
currently in its infancy. I'd be willing to do work with you on what's
needed.

Cheers,
Nate
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFLm7Ye/sRCNknZa8RAkCOAJ0ceqI7vpzamtU4oLz2hPhs15oOjwCfSMOu
RvSJNppxwX3xkiH3TfM5WYI=
=mqq0
-----END PGP SIGNATURE-----