[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MirageOS-devel] MirageOS AppVMs on Qubes

On 26 November 2015 at 20:26, Hannes Mehnert <hannes@xxxxxxxxxxx> wrote:
> On 11/26/2015 20:38, Thomas Leonard wrote:
>> What about doing only the agent protocol (mainly PKDECRYPT and PKSIGN)?
> What would the benefit be?  What would the agent talk to?  Where and how
> would keys be stored?

I was imagining the gpg-agent would run in a Qubes Mirage AppVM, which
would also store the private keys (in a FAT filesystem maybe). When
other (Linux) AppVMs want something signed or decrypted, they run the
regular gpg binary, which calls a gpg-agent stub that uses `qvm-run
mirage-gpg` to get a vchan to the Mirage agent. That way, private keys
never leave the Mirage VM.

Prompting the user for the password might be a problem, but we could
call out to another AppVM for that (or maybe even to dom0).

Dr Thomas Leonard        http://roscidus.com/blog/
GPG: DA98 25AE CAD0 8975 7CDA  BD8E 0713 3F96 CA74 D8BA

MirageOS-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.