[tor-talk] Tor Browser Bundle: PGP encryption built-in?
Fabio Pietrosanti (naif)
lists at infosecurity.ch
Mon Oct 10 06:11:46 UTC 2011
Hi all,
is anyone evaluating whenever to include PGP encryption support into the
default Tor Browser Bundle as a Firefox extension?
I looked at the implementation and:
* FireGPG it's discontinued http://getfiregpg.org/s/install
It also seems it was using a "bad design" practice for the IPC
communications between various modules.
* NPAPI based GPG is just released (by old FirePGP contributor)
https://github.com/kylehuff/webpg-npapi
Having a support for GPG encryption into a generic browser, with PGP
operations usable from Javascript/XUL, could open a lot of improvements
and opportunities to secure Webmail and other web applications.
At http://globaleaks.org we'll most probably need such kind of support
into the browser and we're wondering if this could accomodate a standard
"requirement" of the Tor Project for the Tor Browser Bundle.
It would be also possible to easily make very simple "XUL" interfaces to
handle basic PGP based file encryption operations, de-facto bundling a
GPG client (with a Browser UI) into the TorBrowserBundle.
What do you think about it?
We're going to make some experiment in trying to build
https://gitweb.torproject.org/torbrowser.git + GPG +
https://github.com/kylehuff/webpg-npapi .
-naif
More information about the tor-talk
mailing list