OpenPGP auth

[Pete Chown]

sen_ml at eccosys.com wrote:

> so, are you going to write an openpgp packet manipulation library?

At present I am just invoking the gnupg binary.  I think the gnupg
people have a project to create a library, so I would probably be
duplicating work.  (Also it would be a *lot* of work -- much more than
just doing OpenPGP authentication for OpenSSH.)

> that'd be very useful for other purposes as well -- for instance, it
> could be used to write a pam module that will allow a
> challenge-and-response type of authentication using openpgp keys.

That's an interesting idea...  Also you could do a SASL method that
used OpenPGP.  Actually how about a SASL or GSSAPI method that uses
ssh?  Then if you use IMAP forwarded by ssh, you don't have to worry
about sending a password.

-- 
Pete