'Re: [Kde-pim] KMail & GPG integration'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-pim
Subject:    Re: [Kde-pim] KMail & GPG integration
From:       Ingo =?iso-8859-1?q?Kl=F6cker?= <kloecker () kde ! org>
Date:       2006-04-30 23:57:08
Message-ID: 200605010157.12786 () erwin ! ingo-kloecker ! de
[Download RAW message or body]

[Attachment #2 (multipart/signed)]

On Saturday 29 April 2006 14:46, Stefan Gehn wrote:
> Moin,
>
> I'm currently working on my bachelor thesis which is centered around
> usability and security. For the practical part I'm planning to
> improve gpg-integration in kmail.
>
> Ideas so far (in no particular order and probably not detailed enough
> yet):

I think the first step would be to make kgpg use libkleo (or at least 
gpgme) unless this has already been done. Using gpgme is the only way 
to guarantee that applications using GnuPG will still work with later 
versions of GnuPG.

> - use kgpg from kmail (could be implemented in libkgpgp, could as
> well be in a lib of its own) for displaying key-information, creating
> keys for accounts and more

For displaying key-information it would make sense for KMail and KGpg to 
use the same library. Maybe in libkleo/ui (which is hidden in 
certmanager/lib/ui in branches/KDE/3.5/kdepim)?

> - allow user to manually fetch missing keys from kmail (could use
> kgpg for progress-gui and results)

Yes.

> - make key-creation dialog in kgpg a wizard that explains things
> (like "why it's good to upload the public key")

Great.

> - gpg-agent setup through wizard, either as part of a lib or kgpg
> (kmail needs gpg-agent for encrypting)

How much setup is necessary? I think the only problem is that a suitable 
gpg-agent.conf has to be added to ~/.gnupg and a simple file containing 
the command line for starting gpg-agent has to be added to ~/.kde/env.

FWIW, there's gpgconf which should probably be used for editting 
~/.gnupg/gpg-agent.conf. You should have a look at KWatchGnuPG.

> - hide all the hex-stuff (key hashes etc.) if possible (thunderbird
> for example uses icons in its mail-view instead of hex-values)

I'm not sure how this would look. Please attach a mockup or a screenshot 
of tb.

> - maybe make asking for passphrase an async process, right now kmail
> freezes while pinentry-qt asks for my passphrase (is this possible?)

Yes, this should be done, but I don't know how easy/difficult it is.

> - make messageboxes about missing keys more helpful, currently they
> tell you to open the account-settings if you don't have a key
> assigned but they don't allow you opening it right away

Yeah, that's a pretty annoying bug. I think the problem is that we 
currently can't open the configuration dialog with a specific page. Or 
maybe we should open just the relevant account settings dialog?

> I have looked into kdepim apidocs and sources a bit but many things
> don't seem to be documented or I couldn't find them in kdepim-sources
> yet. Questions so far:
>
> - what does kmail use libkgpg for, is that the only path to access
> gpg or are there others?

libkpgp was used in the past and is still used for dealing with 
clearsigned messages (AFAIK). It should eventually be dropped 
completely.

> - can kmail/libkgpg drop the non-gpg-agent functionality for signing,
> I think it's VERY confusing that signing works but encryption does
> not unless gpg-agent is setup properly

Yes, that's confusing. OTOH, we should rather make KMail automatically 
start gpg-agent if it's not running and we should get rid of the 
gpg-agent-less workaround code for signing.

> - why is the account-wizard only shown on first start? I'd like to
> add an option for key-creation/selection to it, would be way cooler
> if people could also use that for accounts created _after_ first
> start

Yes, the wizard should probably used for every account creation (with an 
easy way to skip it and go to the normal config dialog).

> - where do the certificate manager and gpg log menu-entries come
> from? Both are disabled here, that looks confusing when gpg is
> actually working

The certificate manager is nowadays called kleopatra and the gpg log is 
kwatchgnupg (which I already mentioned above). Maybe those two 
applications are not installed on your computer. BTW, kleopatra and 
kgpg should ideally be merged in some way. Currently, kleopatra is 
(mostly ?) restricted to S/MIME certificates.

Regards,
Ingo

[Attachment #5 (application/pgp-signature)]

_______________________________________________
kde-pim mailing list
kde-pim@kde.org
https://mail.kde.org/mailman/listinfo/kde-pim
kde-pim home page at http://pim.kde.org/

[prev in list] [next in list] [prev in thread] [next in thread] 