PyME 0.9.0

PyMe is a Python interface to GPGME library using SWIG. Being based on SWIG, which does most of the heavy lifiting, it should be fairly complete in terms of coverage of what GPGME has to offer. Here is the history of PyMe as far as I understand it.

  1. PyMe up to v0.5.1 was written and maintained by John Goerzen in 2002.
  2. From 2004-2008 Igor Belyi maintained PyMe and produced up to v0.8.1.
  3. In 2014 I took over maintaining PyMe because there was no one who would accept by tiny bugfix.

Alas, here is PyME 0.9.0.

Changelog

  • python setup.py calls make swig, so
  • pip install git+https://bitbucket.org/malb/pyme should work
  • op_export_keys() works now
  • revision constrol was switched from SVN on Sourceforge to Git on Bitbucket.

Mailing List

If you have bug reports, suggestions etc. please send them to pyme-help@lists.sourceforge.net which is still the official PyME support mailing list. Speaking of which:

Bugs

Support for Windows is currently untested, so it is probably broken. It would be much appreciated if those who use PyME on Windows could step up and offer their help in maintaining that part.

BatzenCA – OpenPGP Key Management for Mailing Lists

Lately, I have been writing a little Python library which is aimed at managing OpenPGP encrypted mailing lists easier. In particular, it addresses the following scenario. A group of users setup a normal mailing list – say a Google group. To realise encryption all users encrypt to all users, say, by relying on Thunderbird’s/Enigmail’s “Per-Recipient Rules”. This is annoying, but doable for groups sufficiently small. However, doing all the mutual key authentications for all users would be a lot more annoying. Our users could rely on the web of trust, but many people who use encryption seem to be reluctant to publish a social graph on the Internet, so they’d rely on exchanging this information somewhat privately, e.g. on the list itself.

Hence, to make matters simpler, our mailing list might nominate a certification authority – one user they all trust who takes care of key verification and publishes signatures to those keys she verified. In the scenario I am concerned with this happens by irregular e-mails to the mailing list itself. BatzenCA is a set of Python tools to make the CA’s job easier. In particular, it helps to organise such irregular e-mails which inform users about added/removed keys – called “releases” in the package. It relies on SQLAlchemy and a patched version of PyME. I’ve been using it for a little while now and it seems to do what I want it to do. I wonder if anybody else has similar requirements where this set of tools could be useful?

Warning: While I know a little bit about cryptography and have quite a bit experience writing Python code, I am not an expert on security engineering and most software I write is rather mathematical, i.e. not aimed at practical security.