Q1. What is the problem that you are trying to solve?
While it’s enough to be able to import a pgp key for most people, some people do have their keys on smartcards for better security. To be able to use passbolt, those people need to create a second, probably less secure key.
Q2 - Who is impacted?
Not many, just some crazy paranoid people. Mostly linux command line geeks, I guess.
Q3 - Why is it important and/or urgent?
This would attract a small but potentially pretty active community.
Q4 - What is your proposed solution? (optional)
As far as I can tell, this does not apply to the CLI, because it doesn’t do any decryption yet. If decryption is added using gpgme, this should use the local gpg agent, which already supports smartcards. On the browser extension side, I am not sure how to access the gpg agent from there, but it is possible, as passff shows (that requires a little host application though).
Q5. Community support
People can vote for this idea to show traction:
- Must have: this is critical for me to have this
- Should have: this is important for me to have this
- Could have: this could be nice to have
- Won’t have: we should not schedule this (explain why)