On Mon, Oct 28, 2019 at 04:20:39PM -0400, Daniel Kahn Gillmor wrote:
> Hi OpenPGP folks--
>
> The recently-announced OpenPGP test suite [0] inspired me to try
> drafting a spec for a purely-functional, stateless OpenPGP command line
> interface. The idea is that different implementers could provide the
> same interface, focusing specifically on the object security aspect of
> OpenPGP (leaving aside identity management).
>
> An example (using "sop" as the command, short for "Stateless OpenPGP"):
>
>     sop generate 'Alice Lovelace <alice@openpgp.example>' > alice.sec
>     sop convert < alice.sec > alice.pgp
>     sop sign --as=text alice.sec < announcement.txt > announcement.txt.asc
>     sop verify announcement.txt.asc alice.pgp < announcement.txt
>     sop encrypt --sign-with=alice.sec --as=mime bob.pgp < msg.eml > encrypted.asc
>     sop decrypt alice.sec < ciphertext.asc > cleartext.out

I think this is a *phenomenal* idea. I wonder if this could mature into a
well-defined API that e.g., gpgme could adopt?

> I've just published an initial draft of this specification here:
>
>     https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/
>
> It's tracked as markdown source in git at:
>
>     https://gitlab.com/dkg/openpgp-stateless-cli
>
> But i'd very much like other contributions or authors. If you're an
> implementer of an OpenPGP toolkit, and you think you might take a crack
> at implementing part of it, i'd love your feedback. If there's
> sufficient interest in the community, i'd be happy to move the `sop`
> spec over to https://gitlab.com/openpgp-wg/ so that it's clearly not
> something that i'd be a blocker on.

I'll definitely take a look, as we implement bits and pieces of
rfc4880/rfc4880bis on NYU's securesystemslib.
Thanks!
-Santiago.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp