HBCI data structures and Gnucash
Christian Stimming
stimming@tuhh.de
Thu, 16 May 2002 13:26:40 +0200
Darius Powell wrote:
> Benoit Grégoire <bock@step.polymtl.ca> writes:
>>>I'm currently working on a script to automatically download
>>>transactions. Currently it generates qif files for import.
>>>
>>I am also currently working at this stage. I have working ofx support for
>>pretty much the whole specification for transaction download. I can
>>trivially export qif files, but i don't want to use such a mediocre transport
>>format, after working so herd to support the whole spec.
>
> It would seem to make sense if there was a single way to get
> transactions into Gnucash (or more generally speaking to perform online
> banking actions) that we could both use.
That sounds good for OFX and QIF import. However, I'd like to point out
again that HBCI support is different from this. HBCI is a standarized
protocol, not a file format. HBCI acts as a authentication/encryption
protocol on top of TCP *and* it standarizes the data format of actions
that the bank should perform (wire transfer etc.) and of statements the
bank returns.
Therefore I'm going to write a seperate loadable gnc-module for hbci
support (which all people outside Germany can safely ignore). I.e. I
would rather not put too much effort into code sharing between HBCI
support and QIF import/export but first code the HBCI stuff on my own.
Nevertheless there is some code that both of us will similarly need --
namely, the transaction duplicate detection when importing/retrieving
statements of the bank. I guess we should move those functions to some
generic library and use them from there. But for HCBI, this won't be
needed before July/August.
>>>It would be good if transactions were downloaded in the background at
>>>scheduled times (even if Gnucash is not running).
>>>
>>I am not all sure this is a good idea. There would be pretty steep security
>>issues. To download in the background at regular intervals, gnucash would
>>have to keep the passwords necessary for access, 24h a day. If we want to
>>run even when gnucash is not, the passwords will have to be stored on disk!
>
> Yes, there are certainly some serious security concerns here.
>
> As for automatic downloads the password needs to be stored somehow and
> should probably be encrypted.
Any HBCI support will definitely *not* store the password/passphrase
anywhere on disk. Also, I don't quite see the point of transaction
downloading in the background -- either I'm running my application and
want to download the transactions, or I'm not running my application and
don't care about the transactions. But anyway, for HBCI support password
storing on disk won't happen. So your discussion doesn't apply to HBCI.
That said, I recall several discussions on this list about storing data
in an encrypted way, the last having happened some months ago. We
*always* came to the conclusion that this issue *cannot* be properly
addressed by the application. If a user is seriously concerned about
protecting her data against other people (with potentially physical
access to the machine), an encrypted filesystem was about the only sound
solution that we could come up with, and this is definitely beyond the
scope of our application. I mean, you could start this discussion all
over again, but what I took from those discussion was that I should
basically forget about saving any encrypted data. So again, the HBCI
support code will never store the passphrase anywhere in a file.
Christian