Open Bug 1683008 Opened 4 years ago Updated 3 years ago

two way sync local signatures / non-exportable certifications, verification decisions

Categories

(MailNews Core :: Security: OpenPGP, enhancement)

Product:
MailNews Core
Component:
Security: OpenPGP
Type:
enhancement

Tracking

(Not tracked)

Status:
UNCONFIRMED

People

(Reporter: jan.mozilla, Unassigned)

References

(Blocks 1 open bug)

Details

A common use of openpgp is to verify software, which needs to have access to the users local certifications and verification decisions. It is not practical to manually sync these between two stores.

Provide a way to automatically sync local signatures / non-exportable certifications and verification decisions with another store. Instead of full sync, a way to read / export and write / import / overwrite would already be useful. Automatically, to not require repeated user interaction after initial setup.

(I wondered if storing this in vcards in https://github.com/etesync would be good for this.)

GPG is popular, but might not remain the only target for this. https://gitlab.com/sequoia-pgp/sequoia could be another one.

GPG does not feature any sync or version control for this data, but at least it can be made to export and import this data.

Blocks: 1595231
You need to log in before you can comment on or make changes to this bug.