Re: [openpgp] Stateless OpenPGP command line interface proposal

[Santiago Torres-Arias <santiago@archlinux.org>]

On Mon, Oct 28, 2019 at 04:20:39PM -0400, Daniel Kahn Gillmor wrote:
> Hi OpenPGP folks--
> 
> The recently-announced OpenPGP test suite [0] inspired me to try
> drafting a spec for a purely-functional, stateless OpenPGP command line
> interface.  The idea is that different implementers could provide the
> same interface, focusing specifically on the object security aspect of
> OpenPGP (leaving aside identity management).
> 
> An example (using "sop" as the command, short for "Stateless OpenPGP"):
> 
>     sop generate 'Alice Lovelace <alice@openpgp.example>' > alice.sec
>     sop convert < alice.sec > alice.pgp
> 
>     sop sign --as=text alice.sec < announcement.txt > announcement.txt.asc
>     sop verify announcement.txt.asc alice.pgp < announcement.txt
> 
>     sop encrypt --sign-with=alice.sec --as=mime bob.pgp < msg.eml > encrypted.asc
>     sop decrypt alice.sec < ciphertext.asc > cleartext.out
> 

I think this is a *phenomenal* idea. I wonder if this could mature in a
well-defined API that e.g., gpgme could adopt?
 
> I've just published an initial draft of this specification here:
> 
>     https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/
> 
> It's tracked as markdown source in git at:
> 
>     https://gitlab.com/dkg/openpgp-stateless-cli
> 
> But i'd very much like other contributions or authors.  If you're an
> implementer of an OpenPGP toolkit, and you think you might take a crack
> at implementing part of it, i'd love your feedback.  If there's
> sufficient interest in the community, i'd be happy to move the `sop`
> spec over to https://gitlab.com/openpgp-wg/ so that it's clearly not
> something that i'd be a blocker on.

I'll definitely take a look, as we implement bits and pieces of
rfc4880/rfc4880bis on NYU's securesystemslib.

Thanks!
-Santiago.