Proposal for a Desktop Neutral Crypto API
kloecker at kde.org
Sun Apr 3 19:51:49 EEST 2005
On Saturday 02 April 2005 07:34, Brad Hards wrote:
> On Sat, 2 Apr 2005 06:30 am, Nielsen wrote:
> > I've drafted a proposal for a DBUS encryption API. It's meant to be
> > desktop neutral, and encryption system neutral (ie: OpenPGP vs.
> > S/MIME).
> > The Draft:
> > http://freedesktop.org/wiki/Crypto
> Apart from the "remember what we did last time", I'm not sure what
> this is meant to provide in terms of additional functionality over
> what could be done with a shared library. Can you explain what you
> are trying to achieve by a crypto API?
I have exactly the same question. Thanks to the two Aegypten projects
 there exists a very powerful library/backend for this, i.e. gpgme
et al. To make usage of this backend more easy for KDE apps (i.e. C++
interface, Qt classes, integration with Qt event loop) there exists
libkleopatra and additionally gpgmepp (C++ bindings for gpgme) and
qgpgme (integration with Qt event loop)).
Information about preferred crypto format, preferred keys and encryption
preference (i.e. always, whenever possible, never, etc.) is stored in
the addressbook in KDE. With the proposed API it doesn't seem to be
possible to do this. The proposal hides this information in the
implementation. I fail to see how the user can edit this information.
Why a DBUS service instead of a library? The implementors will anyway
need to use gpgme (I guess you don't plan to replace gpgme, et al.). At
least for OpenPGP there is no reasonable alternative. Of course, the
problem is that gpgme is still GPL licensed. Anything in kdelibs has to
be LGPL (or equivalent) licences (which is why libkleopatra currently
is in kdepim), and GTK/GNOME has the same problem. Sorry for playing
the devil's advocate but is this one reason for using a DBUS service
instead of a library? But I disgress. What I wanted to say is that a
KDE implementation would need an abstraction like the one libkleopatra
already provides. So the question now is why should other KDE
applications use a DBUS service if it's much easier to use the library
which is already there? Of course, the same question applies to GNOME.
Ingo (KMail maintainer)
 http://www.gnupg.org/aegypten/, http://www.gnupg.org/aegypten2/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/xdg/attachments/20050403/0ef1c670/attachment.pgp
More information about the xdg