wking at drexel
Mar 25, 2012, 8:27 PM
Post #1 of 4
gpgme-agent (GPGME over Assuan) feedback request
I've been messing around with a Python wrappers around GnuPG every
once and a while for a few years now, but nothing I've seen or done
has felt particularly natural. I've just finished the initial stages
of an approach that I haven't seen before: a cryptographic agent that
you can communicate with via Assuan . It's similar to gpg-agent,
except instead of manging passphrases and keys, my agent signs,
encrypts, and verifies data. Because it uses GPGME to do the
cryptography, I'm calling it gpgme-agent.
If you're in another language (such as Python), I think it's easier to
communicate via sockets with a C-based agent than to use a wrapping
mechanism to call the libraries directly. On the other hand, there
may be some security issues with my approach that I'm overlooking.
Anyhow, I'd appreciate some feedback on this approach. I'm posting to
gnupg-devel rather than gnupg-users, because if people think this is a
useful approach, I'd like to flesh it out and get it included in the
standard set of GnuPG tools. If this is outside that scope, that's
fine too, and I'll keep it simpler.
This email may be signed or encrypted with GnuPG (http://www.gnupg.org).
For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy