- Event Series
- This event is an instance of E878: Weekly Standup, and repeats every week.
Event Timeline
Comment Actions
Last week:
- gpg-agent: Tasks under T5984
- Use-for-ssh, Label, Prompt support
- Now, OpenPGP.3 keys are the default candidate for SSH authentication, even if not inserted
- it prompts a user for device insertion when not available
- libassuan, gpg: T5977
- Conclusion: an approach of existing CONFIDENTIAL flag (not introducing new flag)
- Once, I tried new flag ASSUAN_CLEAR_INQUIRY_DATA, so that it wipes buffer after inquiry, but I realized that there are use cases in existing code of gnupg, which uses CONFIDENTIAL flag for such an inquiry.
- So, I think that enhancing the semantics of CONFIDENTIAL flag is better
- old: not showing data in debug message
- new: not showing data in debug message + wiping buffer after use
- Backport needed for GnuPG 2.2
- Conclusion: an approach of existing CONFIDENTIAL flag (not introducing new flag)
- Start scute change for T6002 (keygrip centric approach)
- Currently, it presumes:
- single device
- device can be identified by: serial number + key reference (like OpenPGP.3)
- New method
- multiple devices
- key can be identified by keygrip
- as long as keygrip is same, it doesn't matter which device has the key
- Currently, it presumes:
This week:
- libgcrypt KDF API experiment