|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [MirageOS-devel] MirageOS AppVMs on Qubes
On 11/25/2015 17:22, Thomas Leonard wrote: > On 23 November 2015 at 12:35, Anil Madhavapeddy <anil@xxxxxxxxxx> wrote: >> Also, I just ran across this nicely privilege separated TLS daemon: >> https://www.opsmate.com/titus/ Maybe a tlstunnel using Mirage would be sensible here? (And maybe support both client and server side). > Qubes are also interested in GnuPG. Since 2.1, all private key > operations are handled by gpg-agent, so we'd probably only have to > implement that. Anyone know how hard that would be? The OpenPGP message format is documented in RFC4880, including a custom run-length encoding of numbers, and various versions etc. I'm not sure (and couldn't easily find) whether it makes sense to support old versions (I think signature versions 3 and 4 are sensible, but maybe 3 could be dropped as well). It is lengthy, the upside is that (nearly) no ASN.1 is involved. And most of the crypto primitives are supported in ocaml-nocrypto. Would be a fun project. I'd expect it to take 2 months full-time for me. Certainly, adding gpg agents "protocol" would take some more time as well. If someone has energy and resources for OpenPGP: I'm happy to help out, Hannes Attachment:
signature.asc _______________________________________________ MirageOS-devel mailing list MirageOS-devel@xxxxxxxxxxxxxxxxxxxx http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |