[Differential] [Requested Changes To] D3213: Add simple API to check/toggle TOFU mode

aheinecke (Andre Heinecke) noreply at phabricator.kde.org
Mon Oct 31 13:42:20 GMT 2016 

aheinecke requested changes to this revision.
aheinecke added a comment.
This revision now requires changes to proceed.


  Indeed this is ugly, but might be a workaround until gnupg properly supports this. ( https://bugs.gnupg.org/gnupg/issue2381 )
  I would have said you should use QGpgME::CryptoConfig for this but gpgconf does not provide the trust-model as a settable option (which imo is wrong but the maintainer argued against it because he wants to have a "larger" profile style solution.
  
  We will get it in gnupg but It's unclear how. We will have more options like auto-key-locate / auto-key-retrieve etc. that are not part of gpgconf's interface. Having such a hack for every such option is not something I want to have :-/
  
  Why do you need this now? I think the other stuff (WKS publishing creation / TOFU Display) is unreleated. I thought for the first implementation it should be fine if a user has to manually configure themselves into an "EasyGPG" style mode. Especially as this stuff is still very new. So we have not given the profile switch high priority. (It's on the agenda for a hacking meeting at the end of November).

INLINE COMMENTS

> tofu.cpp:91
> +{
> +    auto gpgConf = runGpgConf({ QStringLiteral("--version") });
> +    if (!gpgConf) {

This can be simplified as:

  return !(GpgME::engineInfo(GpgME::GpgEngine).engineVersion() < "2.1.14");

> tofu.cpp:176
> +                        isEnabled = true;
> +                        outBuffer += "trust-model tofu\n";
> +                    } else { // !isEnabled || !enable

If you really want to use this patch, please change this to tofu+pgp we want tofu+pgp and not plain tofu. tofu+pgp means that your current trust will still be used.

I think we should also insert a comment like:

1. The trust model was changed to tofu+pgp by KMail on $date
2. Before the change it was $oldtrustmodel

before the trust-model line.

REPOSITORY
  rLIBKLEO PIM: Kleo Library

REVISION DETAIL
  https://phabricator.kde.org/D3213

EMAIL PREFERENCES
  https://phabricator.kde.org/settings/panel/emailpreferences/

To: dvratil, aheinecke
Cc: kde-pim, spencerb, dvasin, winterz, vkrause, mlaurent, knauss, dvratil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-pim/attachments/20161031/1caa6525/attachment.html>

More information about the kde-pim mailing list