[pass] Chrome Extension

Jason A. Donenfeld Jason at zx2c4.com
Tue Sep 11 21:07:51 CEST 2012


On Sat, Sep 8, 2012 at 11:03 PM, Marcus Breese <marcus at breese.com> wrote:
> So, I'm the guy that was talking about a Chrome extension.
>
> I'm not quite sure how to do a lot of the Chrome parts, but it should be pretty straightforward to get the URL of the current tab, then send that to a pass daemon running locally. The gpg password could be kept by Chrome (probably not a good idea), or managed normally with a gpg key agent. Then the daemon could add the decrypted password to the clipboard for a limited amount of time. Ideally, it would return the username/password so that the form could be auto-filled out (similar to the way that LastPass works).
>
> The weak link in this is the Chrome-daemon link. Ideally, this should be authenticated and encrypted, even if it is operating on the same machine. The benefit of using a daemon is that it could be a standard interface for multiple browsers, and you wouldn't have to compile a plugin for the browser.
>
> Those were my random thoughts. What did you have in mind?
>
> --
> Marcus Breese
> marcus at breese.com
>

Replying to this on list, so that others can chime in on the discussion.

Any suggestions for the best architecture of this? Take the
organization discussion [1] under consideration too.

[1] http://zx2c4.com/projects/password-store/#organization



More information about the Password-Store mailing list