PGPMenu Implementation Issues and Decisions
Derek Atkins
<warlord@MIT.EDU>
The major goal of PGPMenu was to make it easy to implement, easy to
modify, and easy to use. This brought about the concept of using some
script language for the implementation. I also thought about the
security of the system, and decided that using a graphical language,
like tcl, would make it difficult to destroy the user passphrase on
request. As a result, I chose to implement PGPMenu in PERL, and allow
PGP to grag the passphrase itself. Another choice could have been to
write a special C program that would integrate with a TCL script to
grab the password securely and stuff it into PGP, but I decided that I
didn't have enough knowledge of X programming to do that well.
- It should run on most any platform (I reduced this to UNIX only)
- It should be easy to add new functions
- Menus should be easy to change in the program
- Lets PGP deal with security (e.g. obtaining the user's passphrase)
- PGP is security software -- let it do its job
- This implies no X-based (TCL) interfaces, because there is no way
to securely obtain the passphrase.
- Used the PERL language for ease in writing, testing, and modification
- Interface to Keyservers and Keysigners, if available
- Only shows those menu items which are available to the user
- Makes it easy to integrate with other services when they become
available