Hi Jan,
On Wed, Jan 31, 2018 at 19:00 +0100, Jan Jancar wrote:
If you would like to use a Python OpenPGP implementation you could look at [PGPy] and how I used it in mailman-pgp.
It's under consideration here: https://github.com/hpk42/muacrypt/issues/32 Are your experiences with pgpy indicating it's compatible with enigmail and k9-mail? (see the questions on that issue)
PGPy is a quite complete OpenPGP(RFC4880) implementation, its support table shows that:
https://pgpy.readthedocs.io/en/latest/progress.html
The unsupported packets are very rarely used nowadays and are only really produced by very old PGP clients, afaik. PGPy also has a quite extensive test suite that works with gpg internally.
I suggest you look at PGPy issue tracker to see what it lacks currently, the most painful issue I think is the missing support for writing partial length packets. It can read them just well but not output them.
Good to know! I added the links to the muacrypt issue i linked above. dkg and vincent (from k-9 mail) tell me write support of partial length header is not needed for e-mails, so that's good because i'd like muacrypt, my in-progress autocrypt implementation, to work with pgpy sometime (https://github.com/hpk42/muacrypt/issues/32 )
- No special interface is needed on the mailing list web page maybe except from enabling/disabling the plugin/support.
Plugin configuration is done through the Mailman configuration and those are read-only through the REST interface. However a plugin might supply it's own REST endpoints for example for per-list setup/configuration.
I guess read-only REST would allow for a command line interface for debugging or other low-level configuration wrt to autocrypt key status for peers. Can a plugin add per-list configuration options (enable/disable, maybe a choice between 2-3 policies?)
Yes definitely, the configuration will be handled completely inside the pkugin. I'm thinking along the lines of:
Expose a custom REST endpoint for per-list Autocrypt configuration, that can be read-write, however is only protected by one global REST user-password pair. That will be accessed by an Autocrypt Django app, similarly to how I implemented configuration for mailman-pgp in [django-pgpmailman]. That app can be then run alongside Postorius and HyperKitty which provide Mailman's configuration and archives. So this gives list admins a simple web UI for per-list Autocrypt configuration.
Provide a CLI command component which can manage the per-list Autocrypt configuration of the Mailman instance locally.
sounds good. Is it also possible to hook into the standard mm3 configuration, for adding a per-list configuration item that can then be processed by plugin code?
holger