sbl − create passphrases for use with secure basic authentication
The program (Secure Basic Launcher) provides a simple graphical user interface for web sites that use Secure Basic authentication. Secure Basic authentication differs from Basic authentication in that the password is replaced with a passphrase that is a digital signature. Once verified, this passphrase can be used like a traditional password. It is intended to be secure when used with TLS/SSL, in which case the passphrase consists of a time stamp, a 32-bit CRC of the time stamp and a traditional password, and a digital signature of the time stamp, the CRC, the SSL certificate’s public key, and the password. Once verified, this signature is treated as a basic-authentication password, accepted provided the sender’s IP address has not changed. Configurations are stored in files typically with the file-name extension Each file will typically include sites, or logins, that are related in some way (the grouping is chosen by each user). There is one special case: if a configuration file contains a single site or login, and the configuration file is provided on the command line, that site or login will be selected. Web sites can provide an configuration file and browsers can start for the user. The special case allows the user to skip the step of selecting a site, and can simply click the button, and then paste the user name and password. While there are some command-line options for specific tasks, typically will be used to open a browser window for a specific URI by clicking the button, and simultaneously a user name and a a secure basic authentication passphrase will be copied to the system clipboard, which can then be pasted into a dialog box or text field provided by a browser. Pasting in this case is handled specially: pasting alternates between pasting the user name and pasting the passphrase. The browser will typically pop up a dialog box asking for a user name and password, so the user can click on the user-name field, and paste a value from the clipboard, and then click on the passphrase/paswword field and paste from the clipboard again. When is run with no arguments, or one argument (an configuration file with no options except it will provide a window with a series of buttons or controls for specific operations. These are A new configuration file will be loaded. A "file chooser" dialog box will allow a configuration file to be selected. If a file name that does not exist is entered, a new file will be created. This will allow one to select a web page to visit, based on an identifier providing a short name for the page. This will open a window using the user’s default browser. It will also generate a passphrase, and will copy both the user name and the corresponding passphrase to the system clipboard so both can be pasted into the appropriate text fields displayed by a browser. Pasting is handled specially: each time the copy is pasted the value provided alternates between the user name and the passphrase, starting with the user name. This will generate a new passphrase for the selected site. This will add a new entry the configuration file’s tables. This will allow the user to edit the configuration file. This will copy the user name for the selected site to the system clipboard. This will copy the public key for the selected site to the system clipboard. This will copy the user’s password for the selected site to the clipboard. For secure basic authentication, a traditional password is used for two purposes: (1) to quickly reject bad authentication requests, and (2) so that passwords can differ when two web sites share the same certificate (web sites that are part of a larger organization sometimes share certificates). When the SBL file is explicitly provided on the command line, a leading directory name of will be replaced with the default SBL directory. On a Linux or Unix system, for example, would be replaced with the directory is the directory the button’s open-file dialog uses.

The options are Terminate options. This option, used only with the option, provides a base URI representing a portion of a website or server that is protected by an SBL-compatable authenticator. Create a new SBL file. If the arguments and are present after the options, that will specify the name of the files to create. If one of these is "-", its output will be directed to standard output. In all cases, will contain the entries needed by a server and will contain the entries needed by a client. If the arguments and are not provided, the file will be printed to standard output as A JSON object (see the man page option is used, Several options are mandatory: and The optional options for are and Use as the GPG home directory. The option is useful when a server maintains its own GPG key ring. Suppress a dialog box that asks permission to use a trust store, loopback host name, or a self-signed certificate. This dialog box mill otherwise appear if an file is provided as a command-line argument. This option, used only with the option, indicates that the loopback address denotes a valid host. This option sets the identifier used to reference a particular entry in an SBL file that was passed to as its only non-option argument. In this case, the argument is the identifier that will be displayed by the box. option to set the key for an entry - the identifier that will appear as part of a property key. For the option, a missing option will result in an entry with the default key The argument can be (to print the user name to use when logging into the web site), (to print the URI for the protected portion of the web site (to print the URI for the login web page), (to print the description of the web page), (to print the GPG recipients listed, if any), (to print the user-supplied password), (to print the type of authentication used), (to print the public key for this configuration file), (to print the trust-store file, if any), (to print the trust-store password, if any), (to print whether or not self-signed certificates are allowed), (to print whether or not a loopback interface can be used). (to print the title for an SBL file) (to print a list of the identifiers used to select a web page.) For the option, except when its argument is either or a option will also be needed. This option, used only with the option, indicates that a client should accept self-signed certificates. This option should be used only for testing. This option configures so that it prints a stack trace if an exception that terminates the program is thrown. This option, used only with the option, provides the name of a file containing a trust store. This option, used only with the option, provides the trust-store password This option, used only with the option, provides the URI that should be visited when a user first logs in.

This option provide a user name, used for a web site or server’s login. The argument is any valid GPG user ID that will name a key in the user’s key ring, and multiple options are allowed. When at least one option is present, private keys will be encrypted using all of these user IDs to determine which users can decrypt a private key. If a configuration file is provided on the command line, the key pair for that file will be replaced and will exit. If no configuration file is provided or a specified key file does not exist, then when a new configuration file is created, the private key will be encrypted so that the users specified by the options can decrypt it. This directory contains configuration files. Each will have its own key pair, and will otherwise list web sites, user names, and their corresponding passwords.