Proposal for a Desktop Neutral Crypto API

Ingo Klöcker kloecker at
Sun Apr 3 19:51:49 EEST 2005

On Saturday 02 April 2005 07:34, Brad Hards wrote:
> On Sat, 2 Apr 2005 06:30 am, Nielsen wrote:
> > I've drafted a proposal for a DBUS encryption API. It's meant to be
> > desktop neutral, and encryption system neutral (ie: OpenPGP vs.
> > S/MIME).
> >
> > The Draft:
> >
> Apart from the "remember what we did last time", I'm not sure what
> this is meant to provide in terms of additional functionality over
> what could be done with a shared library. Can you explain what you
> are trying to achieve by a crypto API?

I have exactly the same question. Thanks to the two Aegypten projects 
[1] there exists a very powerful library/backend for this, i.e. gpgme 
et al. To make usage of this backend more easy for KDE apps (i.e. C++ 
interface, Qt classes, integration with Qt event loop) there exists 
libkleopatra and additionally gpgmepp (C++ bindings for gpgme) and 
qgpgme (integration with Qt event loop)).

Information about preferred crypto format, preferred keys and encryption 
preference (i.e. always, whenever possible, never, etc.) is stored in 
the addressbook in KDE. With the proposed API it doesn't seem to be 
possible to do this. The proposal hides this information in the 
implementation. I fail to see how the user can edit this information.

Why a DBUS service instead of a library? The implementors will anyway 
need to use gpgme (I guess you don't plan to replace gpgme, et al.). At 
least for OpenPGP there is no reasonable alternative. Of course, the 
problem is that gpgme is still GPL licensed. Anything in kdelibs has to 
be LGPL (or equivalent) licences (which is why libkleopatra currently 
is in kdepim), and GTK/GNOME has the same problem. Sorry for playing 
the devil's advocate but is this one reason for using a DBUS service 
instead of a library? But I disgress. What I wanted to say is that a 
KDE implementation would need an abstraction like the one libkleopatra 
already provides. So the question now is why should other KDE 
applications use a DBUS service if it's much easier to use the library 
which is already there? Of course, the same question applies to GNOME.

Ingo (KMail maintainer)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : 

More information about the xdg mailing list