This is the first post about my project with GNOME for GSoC 2015. I have just finished my exams and now I will be more active.
Last summer I have started from an idea: make OpenPGP keys exchange & sign easier through an app. This is how GnomeKeysign [0] appeared.
It allows people to connect over a local network , choose from one of their personal keys to be signed by others, transfer the public key from one peer to other , sign it and send it as an email attachment back to its owner.
The app has also a minimalistic GUI and it supports web cam integration to allow for scanning a QR-encoded fingerprint of the key.
Now my job is to make this app ready for integration with GNOME. For this I am following the next points, but not necessarily in this order:
- Remove dependencies - at the moment we use a custom build gpg wrapper to call out GnuPG and a qrencode library that is a wrapper of a C library. We want to replace those with libraries written entirely in python (pygpgme, PyQRCode) to make distribution easier.
- Add internationalization support - even though this isn't isn't as urgent as other points, it will offer me a good perspective on project development & deploying for GNOME.
- Give GnomeKeysign better looks - the current GUI is designed by me (with suggests from my mentor). It requires a more professional GUI and adhere to Gnome design patterns.
- Establish a secure channel - at this moment we only authenticate the data received, so the application only process data after it is authenticated. A secure channel would help deter attacks such as keyserver-in-the-middle.
- Build a test harness - these tests will cover GnuPG communication, key signing, GUI testing.
This was just an introduction post. I have done some work [1] on the gpg wrapper replacement and I will blog about it soon.
See you soon,
Andrei
No comments:
Post a Comment