On May 20, 10:54 am, Oliver <thialfi...@gmail.com> wrote:
> As stated in the issue #13 already, I think a secondary app that
> concentrates on key management and encryption/decryption is sensible,
Yes... especially since I know of other apps that want to use APG
features beyond email. Have you published the intents you offer in APG
and docs on how to use them?
> 1. Encrypt checkbox and sign checkbox somewhere in the compose
> activity, which when enabled makes k9mail fire an Intent when "Send"
Yes, as seamless as possible is good, with some options such as
"always encrypt if key is available" and "always sign messages" etc.
I also would want to have decryption of messages be as transparent as
possible, and not a two or three step procedure. That could get
annoying on a mobile device, so an "automatically decrypt" option
would be best, along with a preference on how long to cache passwords.
> 2. Opening an email allows k9mail-side determination of the type of
> email, if it is PGP/MIME or inline PGP MESSAGE/SIGNATURE, then it can
> offer a button or two (maybe in a secondary bar above "Reply", etc.)
Any thoughts on handling PGP/MIME attachments or .ASC encoded files,
messages or keys?
For whatever reason on the desktop, I send my encrypted messages using
MIME attachments, not plain text encoded ciphertext in the body, so I
don't think attachments should always be considered "files".
> on in k9mail should still work if some other app comes along and
> offers to be able to handle those tasks. That being said... I'll try
> to make sure there's never a better alternative. ;)
I think documenting an open API intent for encryption is a very
honorable approach, and would encourage you to do this. That said, I
hope there is never a better alternative either b/c you've done such
great work so far!
+nathan

Heyup. Same to you and everybody else from me. :)
> 1. I think it would be very useful to have the passphrase longevity to be
> practically for ever, or a bit more conservatively until the phone
> is turned off, or locale changes or something like that. Again, since this is
> an option, the paranoid can keep it at 1 sec or whatever :) For me my phone
> is more secure than all other computers I use, it may vary for others...
I suppose the option "Until quit" is easily added. Mind creating an
issue on the APG Google Code site for that?
> 2. Taking a leaf from one of the earliest seamless PGP-integrated mailers of
> 15 years ago, PmMail: Why show the encrypted text at all? I cannot imagine
> it being remotely useful to view other than for debugging. Instead replace
> it with icons "Encrypted", "Signed", ...
> 3. Better still, IMO, when the passphrase is available (1. above, almost
> always), just proceed automatically to decrypt (with the current progress
> bar) and show result with the flag it was received 'encrypted'.
I'm assuming you mean the display in K9. I'm not in favour of doing
things like this automatically, especially on a device that isn't as
powerful as a desktop PC. One might reach an encrypted email by
moving/deleting another email, pressing previous/next, or simply
misclicking or wanting to check some header information... it'd be
very annoying if this automatically went to APG, where a possibly
lengthy decryption would be initiated. Especially once we get PGP/MIME
and encrypted attachments working this could result in quite useless
computation.
Also keep in mind that K9 has no information or access to the pass
phrase cache of APG. Of course one could implement an API that just
asks "got the pass phrase to this key?", but even that is data I don't
think any other app should have access to.
However, we could at some point add an option to automatically decrypt
for those who really want it. Perhaps even with some rules. That's all
still quite far away, tho. :)
> If you guys need more help, I am willing to provide coding and other tasks.
> Cordially, CqN
Thanks for the offer! An extra pair of eyes and skills are always
welcome, of course. Most of the issues above are purely APG related,
I'd say, so feel free to poke at the APG source a bit. Perhaps even
have a stab at providing a patch for the "Until quit" option to get
started. :)
In K9 I'd like to implement PGP/MIME next, but I'm not quite sure how
to do that yet. ;)
Ciao,
Thialfihar