Robert Withers reefedjib@yahoo.com writes:
Lex,
I finally got SMIME signed mail working, having found a bug in RSA Signature code. I am getting the Crypto code updated on SqueakMap and I have published the latest SMIME in the Cryptography Monticello repository.
So do you want to integrate SMIME into Celeste?
On Apr 20, 2007, at 3:52 PM, Rob Withers wrote:
If we added SMIME to Celeste, it would become dependent on most of the Cryptography repository (http://www.squeaksource.com/Cryptography)
The new Crypto library is published to SqueakMap as 'Cryptography Team Package' and a new one is forthcoming that is needed for SMIME.
Hey, Robert,
In general this sounds great! If SMIME is popular, then Celeste may as well support it!
I admit I have a soft spot for PGP's web of trust approach to signatures. Certification Authorities are important even for PGP, but not to the same prominance. Do you know if it is even possible for a normal person to get a CA-approved SMIME-compatible cerificate? How much would it cost? PGP is all free.
Anyway, let's figure out how to get it integrated.
First, depending on Cryptography is just fine. It seems inevitable for a full-featured mail reader to depend on lots of stuff. I guess it would be possible to make the cryptography features optional, but then again, it doesn't strike me as a big deal.
Second, here is a sequence of mods that would seem to get the code integrated. Please correct anything that sounds bonkers.
1. MailMessage>>format should decrypt and check signatures when the message needs it. Whether it succeeds or fails, it can then insert a message at the top of the formatted result describing what it did, e.g. whether the signature passed.
2. MailAccount should have certificate information for the user, and Celeste should have menu items for modifying that information. I honestly don't know whether the certificate should be held in a file or in the image....
3. CelesteComposition ("Mr. Postman") should have buttons for signing and encrypting a message. (By the way, I notice there is a separate MailComposition class that looks like a clone of CelesteComposition. Don't be misled! In fact, this needs some refactoring; my initial vote would be to get rid of MailComposition, as the shortest path to a sane factoring.)
These three would seem to do the trick, don't you think? All the real work would be left to your SMIME package.
I do NOT plan to implement these immediately, because I have been spending my charity-work time on package universes lately. So, Rob or anyone, feel free to beat me to it and send me an mcz or a changeset. In the meantime, I'll put this all on my Celeste todo list.
Lex