Peter Stuge <peter_at_stuge.se> writes:
> Simon Josefsson wrote:
>> However I think it would be useful to have the ability to do a
>> callback-based public key signing too. One goal here would be to
>> permit private keys in-memory rather than on disk, to facilitate
>> process-separation between the process knowing the private key and
>> doing the signing, and the actual libssh2 code.
>
> You just described exactly what an SSH agent does. :)

Yeah, but there are other scenarios that fit that description too, and
being restricted to only implementing the solution through the SSH agent
protocol appears inflexible to me.

>> Thoughts?
>
> I agree it would be nice to allow new and cool agent solutions. Just
> like we discussed to potentially have SFTP be separate from (but
> close to) libssh2 I think it would make sense to have a separate
> development effort for agent development. It makes a lot of sense to
> me because it will be a much smaller code base which is thus easier
> to review and possibly certify for those with such needs.

Yup.

/Simon
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2009-12-15