<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/xhtml; charset=utf-8">
</head>
<body>
<div style="font-family:sans-serif"><div style="white-space:normal">
<p dir="auto">On 30 Aug 2019, at 15:18, Henrik Christian Grove wrote:</p>
</div>
<div style="white-space:normal"><blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px"><p dir="auto">[...] one might consider the passwords application<br>
data and implement a password manager using libsodium (as recommended by<br>
that article, but I think I've heard that recommended before) for them.<br>
The result would probably end up quite far from the Unix philosophy,</p>
</blockquote></div>
<div style="white-space:normal">
<p dir="auto">Indeed, <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">pass</code> would have to invent its own key management infrastructure, its own authentication agent protocol, and it would lose compatibility with OpenPGP cards [1] and the existing authentication agents which exist (e.g. on macOS I get a graphical dialog when <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">pass</code> needs to access my PGP private key).</p>
<p dir="auto">[1] <a href="https://en.wikipedia.org/wiki/OpenPGP_card" style="color:#3983C4">https://en.wikipedia.org/wiki/OpenPGP_card</a></p>
</div>
<div style="white-space:normal"><blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px"><p dir="auto">But once an alternative for single file encryption becomes available,<br>
I'm sure people will start thinking of porting pass to use that.</p>
</blockquote></div>
<div style="white-space:normal">
<p dir="auto">Yes, once <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">age</code> is at feature parity with PGP for single-file encryption, it should be trivial to make <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">pass</code> use <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">age</code> instead of PGP and re-encrypt passwords.</p>
<p dir="auto">In that sense, I am happy that <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">pass</code> is not using some proprietary storage format (based on libsodium) for my passwords.</p>
<p dir="auto">As for <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">age</code> though, I cannot find anything beyond the Google document and this blog post [1], no source code seems available, so don’t know how far along the project is.</p>
<p dir="auto"><a href="https://blog.filippo.io/using-ed25519-keys-for-encryption/" style="color:#3983C4">https://blog.filippo.io/using-ed25519-keys-for-encryption/</a></p>
</div>
</div>
</body>
</html>