[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kmail-devel
Subject:    Re: S/MIME
From:       George Staikos <staikos () kde ! org>
Date:       2003-08-25 20:06:01
[Download RAW message or body]


   Well the biggest problem right now is that the "plugin" architecture is 
only designed to support one plugin: the gpg based one.  This needs to be 
fixed so that it is KDE standardized and freedesktop XDG compliant.  the XDG 
spec (I think that's the right spec) defines the location for plugins to be 
installed, for instance.

   I suspect we will have a fully working PKCS#11 sometime over the next year 
and it would be nice if our plugin worked so we could use it.

   I still believe that this licence complaining is a load of crap.  If the 
licencer and the licencee both agree that the licence is acceptable to 
eachother, then that must be sufficient.  KMail will not be linking against 
OpenSSL (it never does, really, though it does use KSSL).  The plugin can be 
in a separate directory.  At that point, the only person concerned must be 
the plugin author.

   If the plugin system can actually be turned into a *plugin* system and not 
a hardcoded library path to ~, then I propose we finish up the KSSL S/MIME 
plugin and commit it to kdepim or kdeaddons.

   KDE has a chance to do something very "big" (read: extremely cool for KDE 
users only), but I am not releasing details and not even beginning to 
implement it until we have proper support in KDE for it.  This means storing 
certificates in one place, not multiple places.


On Monday 25 August 2003 14:13, Bart Symons wrote:
> There is one large disadvantage in relying on gpg to embed S/MIME in KMail:
> gpg does not support smartcards in a standard, generic manner. It does not
> support PKCS#11.
>
> This is sad because it automatically excludes every smartcard for which the
> manufacturer or issuer have gone through the trouble of providing a Linux
> version of their PKCS#11 driver. In Belgium the (mandatory!) national
> identity card is an RSA enabled smartcard with certificates issued by the
> federal gov't. It will even have a PKCS#11 module for Linux, provided by
> the government. But I won't be able to use it in KMail or Konqueror.
>
> On Monday 25 August 2003 11:16, Ingo Klöcker wrote:
> > On Saturday 23 August 2003 07:13, Harald Schmalzbauer wrote:
> > > Dear developers,
> > >
> > > thank you very much for your great work.
> > > While trying to get S/MIME working I had to read a lot about Ägypten.
> > > Now this is the most rediculous way to make Kmail s/mime capable.
> > > Why should s/mime be implemented in gpg?
> >
> > Because it makes sense to have just one tool which can be used for both,
> > PGP and S/MIME.
> >
> > > My problem is that gpgsm seems to have many bugs (--import doesn't
> > > work (bus error) also GENKEY doesn't work (general server error))
> >
> > Please direct any bug reports regarding the gpg stuff to the gpa-dev
> > mailing list (cf. CC).
> >
> > > Why not use openssl like in konquerror and in sIMAP etc?
> >
> > There's a kssl based S/MIME plugin available in kdenonbeta (IIRC). The
> > problem with openssl is that it's license is not GPL compatible. So
> > it's questionable whether this kssl based S/MIME plugin can be legally
> > used in KMail.
> >
> > > pgp/mime is working fine, but the steps you have to pass are not
> > > beneficial to convince people using encryption. (On the other hand
> > > one can easily use PGP in traditional way so that's not that
> > > horrible)
> >
> > I agree with that. But OTOH everything that's necessary is already
> > included for example in the SuSE distrubution. So apart from having to
> > install a few extra RPMs all that's a bit complicated is the
> > configuration. I agree that this has to be improved.
> >
> > > Kmail is really what GUI users want to have except the missing
> > > encryption capabilities. In my opinion the Ägypten project was good
> > > for some companies but that horrible managed that I can't see any
> > > results besides some gaming/learning effects for a few people and a
> > > good money burn rate.
> > >
> > > Sorry for that impolite expression of my opinion, but please
> > > coordinate any available develpment power into s/mime implementation.
> >
> > Regards,
> > Ingo
>
> _______________________________________________
> KMail Developers mailing list
> kmail@mail.kde.org
> http://mail.kde.org/mailman/listinfo/kmail

-- 
George Staikos
KDE Developer				http://www.kde.org/
Staikos Computing Services Inc.		http://www.staikos.net/

_______________________________________________
KMail Developers mailing list
kmail@mail.kde.org
http://mail.kde.org/mailman/listinfo/kmail
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic