On Wed, Jul 11, 2012 at 5:00 PM, Niklas nik@qnrq.se wrote:
Hey-hey!
The key manager uses HTML5 web storage to store keys, perhaps your browser doesn't support it yet? I've confirmed that part to work in both Firefox and Chrome. The plugin is heavily depending on HTML5 and things like window.crypto, which Chrome currently supports but Firefox is lagging (for some reason they're holding the release back because it's not finished for the mobile app).
I tried with Chrome and importing public keys worked fine. Nevermind, I guess the problem was somewhere between the chair and the keyboard :-)
BTW: as far as I understand HTML5 local storage, the key store is restricted to the host/domain of the Roundcube installation. Of course that's a reasonable security feature. But it also means that I'd have to install my keys at every website using openpgpjs individually, right?
Decryption works as a proof of concept currently and currently it can only decrypt using one (the first) private key in the key manager. The decryption function is on rows 275-334 here: https://github.com/qnrq/rc_openpgpjs/blob/master/js/openpgpjs.js
I see what you mean about message parsing being a big project to get working somehow on the client side. I can't say that I'm looking forward to that part, but for now the most important thing imho is to get any PGP safely into Roundcube. It might be something that requires patching openpgp.js and that's fine by me, I've already planned doing modifications there.
I recently found http://gpg4browsers.recurity.com which actually heads into that direction.
I think it's OK if it takes some time to get full multipart messaging support. Browsers haven't implemented HTML5 fully yet so either what is done with the plugin it won't function 100 % until things like that are ready.
That's certainly true. But as always, users want that feature ASAP...