should #passwordstore #pass standardize?

- best practice YAML for password entry supported by #Browserpass, and pass-simple (https://sourceforge.net/projects/pass-simple/)
- folder name for exported public keys created by #gopass and #PassSimple
?

should #pass be managed in github instead of a mailing list?

#Pass #PasswordStore #introduction #QtPass #gopass #PassSimple #gnupg #gpgme #OpenPGP #PGP

Pass-simple,
gui for pass I've written (Qt Qml C++),

https://sourceforge.net/projects/pass-simple/

Documentation, for step by step install for all platforms
https://shemeshg.github.io/pass-simple-mdbook/index.html

#Pass #PasswordStore #introduction #QtPass #gopass #PassSimple #gnupg #gpgme #OpenPGP #PGP

Dear Internet,

Please find attached a #moggie text-mode #OpenPGP screenshot, for your viewing pleasure!

As of this morning, OpenPGP states appear in the app in vaguely sensible way!

This screenshot demos how the signed part is marked as verified, but the unsigned mailing-list advertisement is not - and since it's a message with signed content, the unsigned bits are de-emphasized by using a darker text color.

I think this is acceptable.

Love,
- B

It says something about #OpenPGP, that one of the main usability benefits of an #email client natively supporting the various flavors of OpenPGP e-mail encryption, is it can make a lot of the noise go away.

Messages are plain easier to read without -----BEGIN PGP FOO----- delimiters and/or extra attachments.

I still don't know *which* kind of noise is easier on the recipient tho. Inline technobabble or confusing attachments?

It is now two weeks since I missed my self-imposed deadline on delivering the first #Moggie e-mail client dev blog post.

I'm not quite the point where I have to multiply my time estimates by pi, but a factor of two is feeling plausible for the first milestone.

It's #OpenPGP support that is slowing me down, which was supposed to be a stretch goal... but I really wanna to ship it!

Well, that and summer. Summer is REALLY slowing me down! :-D

#LibreOffice to Get APNG Import/Export Support, New Search Option in Settings, and Improved #OpenPGP Encryption During GSoC 2023 https://9to5linux.com/libreoffice-to-get-apng-import-export-support-and-improved-openpgp-encryption-during-gsoc-2023

@libreoffice @tdforg #OpenSource #FreeSoftware #FOSS #Linux

This morning I taught `moggie email` to generate e-mails with protected headers, as described in this Internet Draft (co-authored by yours truly):

https://www.ietf.org/archive/id/draft-autocrypt-lamps-protected-headers-02.html

This extends PGP/MIME signatures to cover important message headers, and optionally allows header encryption, including the Subject in particular.

Progress!

#moggie #mailpile #OpenPGP #email

It's kinda fun when you need some sample data, and you know that there is an Internet Draft with your name on it, that contains exactly what you need...

https://www.ietf.org/archive/id/draft-bre-openpgp-samples-01.html

#openpgp #moggie #mailpile

So far, my favorite #moggie #OpenPGP back-end is the "demo" engine that doesn't really encrypt: instead it prepends the letter E to every line of the clear-text.

Because sometimes you just want to peek under the covers and see how the magic happens...

Today #moggie generated its first well formed #OpenPGP encrypted and signed e-mail!

It used #PGPy (via SOP) for the encryption, but pulled keys from my #GnuPG keychain.

This is a milestone!

I finally hand-delivered an #OpenPGP signed message written out by my own hand!

Putting the digits in digital signatures.

RT @GPGTools
🔒 GPG Suite 2023.2 adds support for macOS 13.3.

So if Mail is complaining about an incompatible bundle, make sure to update and let the GPG Mail Upgrader run when asked.

https://gpgtools.com

#OpenPGP #Encryption #macOS

Working a bit on #openpgp support in #moggie, I find myself impressed that I've found a way to make OpenPGP encryption even less user friendly than it was before!

Unless I'm fixing things? I honestly cannot tell yet.

It has been a good, geeky work-week so far. Not much tootin' been busy.

I did some #devops twiddling for #pagekite. Yay SSL certs?

Made more progress on grant applications for #Mailpile.

Studied #Matter (https://en.wikipedia.org/wiki/Matter_(standard) ) a bit, within the context of #esp32 and #micropython development.

I also had multiple naps and stared out the window a lot going HMM.

Now it's time for another window gazing session, before I dive back into #moggie related #OpenPGP work...

After hacking a bit, and sleeping on it, I am feeling quite comfortable building upon the Stateless #OpenPGP Command Line Interface in #moggie

I can subclass my `sopclient` with a more efficient implementation (or something that actually works on Windows) later on, if necessary.

It will also be good for #SOP to have another user, as long as I play nice and share feedback or other contributions upstream. I quite like working with DKG, so that won't be too hard.

Current status: deeply conflicted about whether to love or hate the Stateless OpenPGP Command Line Interface.

See: https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/

DKG, the author, is truly an awesome human. But he's fallen into the trap of creating an API which requires passing data over multiple file handles (or via temporary files) for basic operations.

For #OpenPGP interop testing, the main goal of the tool, that's fine? But it's very messy, as an API. It would be nice to use #SOP for other things too.

@0 @a @xmpp
Sincerely, I do not have the issues you describe.
I use my XMPP daily account with OMEMO, and it works fine.
I believe you, and there is probably a need to move forward to a different solution like the #OpenPGP you mention.
I think that the developers should decide.
Let's see what say @xmpp @tigase @snikket_im @Monal

@ademalsasa

More and more I use "pass" from https://www.passwordstore.org/
which uses #OpenPGP for encryption and can also use #Git to keep track and sync across machines.

I also sometimes just email or other transports to send myself OpenPGP encrypted things...

And YES, security is a concern. Running custom code based on incoming e-mail is terrifying.

But consider an example: if you wanted secure automation, based on incoming PGP-signed email, what tools are available to you?

You have to be pretty damn skilled!

But from within an #OpenPGP aware e-mail client, where it's all been parsed and evaluated already, the scripts can be simple enough for anyone to get right.

So I think that's pretty exciting. And for some other use-cases: DKIM exists.

Updated my #mastodon #profile.

I realized that the transparent background of my user icon made is not easily visible in dark mode settings. Also added a header image to make the page more welcoming.

For end to end encrypted communication I added an #openPGP key fingerprint, which should work with web key directory and keys.openpgp.org.