From: "Stephen J. Turnbull"
Newsgroups: gmane.emacs.devel
Subject: Re: Wherein I argue for the inclusion of libnettle in Emacs 24.5
Date: Sat, 08 Feb 2014 05:43:46 +0900
Message-ID: <87d2iymz5p.fsf@uwakimon.sk.tsukuba.ac.jp>
In-Reply-To: <87bnyji4dw.fsf@fencepost.gnu.org>
To: David Kastrup
Cc: emacs-devel@gnu.org

David Kastrup writes:

> "I'll save my own hide, let all the rest be damned." is the current
> cornerstone of U.S. interior and foreign policies and yes, that's a
> choice consistent with fear.

I disagree with your analysis. AFAICS, U.S. interior and foreign policy is driven by a desire to keep the U.S. electorate from panicking in the face of terrorism on U.S. soil (which is bad for their ability to work and consume). Its flaw (as an implementation) is that it is designed on the basis of a naive extrapolation of conventional policing technology designed for dealing with bar brawls and burglars.

I mention that only because it is similar to the issue that I have with Ted's proposal -- I see a naive belief that brandishing a bigger stick at problems is going to make them go away, even if that stick is flawed and liable to fracture in actual use.

AFAICS these features don't give us anything that GPG doesn't from the point of view of encrypted email, and their effect on security from attackers capable of exploiting the "loose coupling" of GPG-based features (i.e., attackers with direct access to your desktop) is ambiguous at best. My estimate is that use of these tools (or of programs received from others using these tools) actually is likely to leave users more vulnerable than if they used EPG. I've seen no analysis that suggests otherwise, just muttering about "tight coupling is good in security" (whatever that might actually mean).

What's left is that Ted wants a bright! shiny! toy whose benefits to users seem vaporous at best, and I don't think that's enough to overcome Stefan's objections *on other grounds* to the particular implementation (most important, not via a generic FFI).