"Two Certificate Managers" (Re: regarding KPF)

Marc Mutz Marc.Mutz at uni-bielefeld.de
Fri Apr 19 14:19:30 BST 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 19 April 2002 13:25, George Staikos wrote:
> On April 19, 2002 06:47, Marc Mutz wrote:
<snip>
> > OpenSSL:
> > - The Aegypten stuff bases on gnupg (newpg). It now does s/mime, too.
> >   GnuPG has been extended to work with smartcards and uses app-independent
> > GUI dialogs for e.g. PINentry. So sharing the database isn't impossible,
> > they're just not contracted to do it.
>
>    Well if it's going to be in KDE you would think that KDE facilities
> would be used.  KMessageBox was used.  QString was used.  The KDE crypto
> facilities were not.

Well, what's part of KDE makes use of KDE: The LDAP-enabled Addressbook uses a 
KIOSlave, e.g. What's in KMail uses Qt/KDE classes. They even use designer's 
UI format to generate native dialogs for Qt, gtk(?) and mutt/console(!). 
Don't tell me that they don't use KDE facilities.

But the fact is that this is _no_ KDE project. The contract AFAIU is about 
extending GnuPG to do S/MIME, using this in KMail and mutt _and making it 
generic enough so that other mail clients can use it, too_, and adding LDAP 
to the KDE addressbook. Werner will use the extended GnuPG in Sylpheed, IIRC.

Of course we KDE people like to point out that the first mailer that has to be 
stuffed with S/MIME support is KMail. We like to see this as a KDE project. 
But it isn't. It is much more than just adding S/MIME to the random KDE 
mailer.

It is, however, the accelerator that could bring KDE to thousands of offices in 
Germany. Since without Sphinx compatibility, it will be hard for a desktop to 
get on official desks in Germany.

>   And yes, we're working on a smartcard facility for KDE also.  There will
> be yet another inconsistency.

No. They're not working on a smartcard facility for KDE. They're working on a 
smartcard facility for _GnuPG_. That they have the back to make it generic 
enough so that it can be used elsewhere even though they have a tight 
schedule and could have easily done their own thing is something that should 
be appreciated. The KDE solution instead is just that: a KDE solution.

> > - The Aegypten team has been contracted to develop _free_ software.
> > OpenSSL isn't free.
>
>    This argument grows very old.  If you don't like putting the original
> author's name in your application, write a replacement.

The BSI follows the FSF's definition of free software and they're the people 
that pay for Aegypten. They demand that the product they pay for is free 
software (everyone let this sentence sink in, please) and that's it. If it 
has to be free software, it can't use OpenSSL. Point. Nothing to argue about.

And yes, Werner _has_ written a replacement. And yes, with luck (and external 
help maybe), we'll see this as libgcrypt soon. Hopefully you can then use 
this as a replacement for OpenSSL.

Again, this project has managed to use the contracting to deliver something 
that is of use to the whole fs/oss community, not KDE alone.

> > Sphinx (somewhat lame excuse, I know):
> > - The Sphinx list of requirements has some weird items that would have
> > led to endless discussions on whether we actually want them. I don't
> > allege anyone of the Aegypten team of thinking like that, though. But
> > with the tight schedule, it was probably easier to write a new
> > certificate manager that was designed to be Sphinx compliant from the
> > beginning than to extend the existing one to work with multiple backends
> > _and_ be Sphinx-compliant. Let them do their stuff and later merge the
> > two, if possible.
>
>    Yes, now you're calling this thing a hack instead of a proper
> implementation.

If a bunch of senior software engineers, paid to work four hours a day each 
(or something like that) on KMail/Aegypten do a certmanager, it's surely no 
hack. It may be designed to be a temporary solution, but I wouldn't call it a 
hack (and I didn't!).

> > And the last point:
> > - Very honestly, I trust Werner much, much more to do security-related
> >   software right than _any_ KDE developer and I'm glad that a
> > hardcore-GNU like him actually works for improving _KDE_ (although he's
> > being paid to do it) and bringing KDE to the desktops of German
> > government personnel. The more so when it comes to S/MIME, with all the
> > unclear standards and contradicting implementations.
>
>    I don't see this as an improvement to KDE.  Perhaps to KMail itself.  I
> see this as a redundancy introduced into KDE.

I guess you couldn't care less about what desktops the German government uses. 
But hey, this is _my_ country. And I'm kind of proud that they choose to give 
KDE a chance on the desktop. If you talk to the right people there, it's 
obvious that they _want_ to get to the point that they can use OSS even on 
the desktop. And personally, I see the Aegypten project as a groundbreaking 
thing. Not because it involves KMail, and I happen to be one of the current 
developers of KMail, but because it is the very first time that our 
Government has _contracted_ _free software companies_ to bring a software 
that they themselves want to use to a state where they _can_ use it.
And it is a _big_ step forward for OSS in general and KDE in particular - not 
feature-wise, but concerning the public reception of OSS and KDE.

> > The last point is nothing against any person in particular. It's just
> > that in security you have to earn your reputation. Werner has been around
> > this business for at least 10 years (?) now and I don't see anyone in the
> > KDE community with even comparable reputation in cryptography.
>
>    I think Dr. S. Henson and the rest of the OpenSSL developers certainly
> have a reputation too.

That's not the point. I detailed above why OpenSSL isn't an option. And hey, 
this project might make all the difference between being forced to work with 
OpenSSL or having alternatives.

>    Perhaps someone wants to take over and rewrite (and maintain) KSSL to
> use GnuPG, and use the Aegypten database to store certificates, policies,
> etc? It sure would save me a lot of [often boring and tedious] work. 
> Otherwise I would rather not see it become an inconsistency.

We had three addressbooks in KDE2. I think we can survive two certificate 
managers until a brave soul is found that merges them.

Marc

- -- 
Marc Mutz <mutz at kde.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8wBli3oWD+L2/6DgRAqypAKCASpd0z72eknFuF29EwNc70uBTuQCgro0Z
dJiYkutg0Z/qc7ii50fwrO0=
=Xmbx
-----END PGP SIGNATURE-----