[dev] Digital Signature and IMP

[Cliff Green]

Quoting Fabio Ferrari <fabio@ferrari.mo.it>:

> Hi all
> 
> I wish to know if it has already implemented - or someone is implementing -
> Digital Signature in IMP (I mean with Certification Authority - es. OpenCA -
> , not PGP).

It is being looked into, but isn't beta (or even alpha) quality.

Just a few of the problems include:
-building sufficient certificate chains (e.g., including extra certs in the 
 openssl_pkcs7_sign call) (see my signature, for example)
-properly handling the passphrase actionWindow, so the user's passphrase
 is available for use after first prompting (and getting rid of the window)
-providing better ways for users to import their own keys/certs as well as
 correspondents' certs
-the openssl_ functions in PHP which we currently use are both experimental
 (therefore not stable) and lacking in some features and services.  For example,
 only 40-bit ciphers are used in openssl_pkcs7_encrypt;  also, 
 openssl_error_string doesn't really return as much information as it could
 to be really useful

c
-- 
Cliff Green
Academic Computing Services - UMDNJ
Signature under NDA-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2649 bytes
Desc: not available
Url : http://lists.horde.org/archives/dev/attachments/20021122/118cc7db/smime.bin