Date: Mon, 28 Oct 2019 16:40:33 -0400
From: Santiago Torres-Arias <santiago@archlinux.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: openpgp@ietf.org
Message-ID: <20191028204032.bubbzueti2ebpobm@LykOS.localdomain>
References: <87ftjck4fc.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="22z5hniabnxgprq3"
Content-Disposition: inline
In-Reply-To: <87ftjck4fc.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/MoqZ5zWc3dxUeSP_OhAZ57VIpxw>
Subject: Re: [openpgp] Stateless OpenPGP command line interface proposal
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>


--22z5hniabnxgprq3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Mon, Oct 28, 2019 at 04:20:39PM -0400, Daniel Kahn Gillmor wrote:
> Hi OpenPGP folks--
>
> The recently-announced OpenPGP test suite [0] inspired me to try
> drafting a spec for a purely-functional, stateless OpenPGP command line
> interface.  The idea is that different implementers could provide the
> same interface, focusing specifically on the object security aspect of
> OpenPGP (leaving aside identity management).
>
> An example (using "sop" as the command, short for "Stateless OpenPGP"):
>
>     sop generate 'Alice Lovelace <alice@openpgp.example>' > alice.sec
>     sop convert < alice.sec > alice.pgp
>
>     sop sign --as=text alice.sec < announcement.txt > announcement.txt.asc
>     sop verify announcement.txt.asc alice.pgp < announcement.txt
>
>     sop encrypt --sign-with=alice.sec --as=mime bob.pgp < msg.eml > encrypted.asc
>     sop decrypt alice.sec < ciphertext.asc > cleartext.out
>

I think this is a *phenomenal* idea. I wonder if this could mature into a
well-defined API that e.g., gpgme could adopt?

> I've just published an initial draft of this specification here:
>
>     https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/
>
> It's tracked as markdown source in git at:
>
>     https://gitlab.com/dkg/openpgp-stateless-cli
>=20
> But i'd very much like other contributions or authors.  If you're an
> implementer of an OpenPGP toolkit, and you think you might take a crack
> at implementing part of it, i'd love your feedback.  If there's
> sufficient interest in the community, i'd be happy to move the `sop`
> spec over to https://gitlab.com/openpgp-wg/ so that it's clearly not
> something that i'd be a blocker on.

I'll definitely take a look, as we implement bits and pieces of
rfc4880/rfc4880bis on NYU's securesystemslib.

Thanks!
-Santiago.


--22z5hniabnxgprq3--

