From: Joseph Gay <gilleylen@gmail.com>
To: emacs-devel@gnu.org
Subject: convenient digital signing for el files and snippets
Date: Wed, 09 Mar 2011 00:12:13 -0600 [thread overview]
Message-ID: <87k4g83jr6.fsf@geneva.hpsy.me> (raw)
Hi,
I noticed a recent discussion regarding trust with emacswiki et al, and
I have a half-baked idea for increasing user convenience. I'm posting
here for help in gauging viability and usefulness or lack thereof.
In short, add an Emacs command/function to sign an elisp file or snippet
with a comment indicating the signer and signature, and another
command/function to verify the signature.
Usage scenario:
With something like el-get or autoinstall, it is easy to
update a large library or module from emacswiki or other public URI.
However, it is always advisable to check the diff prior to updating
since it is hard to be sure who made what changes.
However, if the file was signed, and contained the signature, it would
be trivial to see whether the signature is valid using a trusted public
key, and let the user know if not and then decide what to do (look at a
diff, look up the key, view changelogs, etc.).
Convenience comes from knowing when a file or snippet is modified by
someone you trust, and thus not having to scan through myriad diffs and
look for possible problems.
Technical details:
Sign a sha1 hash of the file or snippet contents with any existing
signature information removed. Signature for a file is a comment before
the ;;; <file>.el ends here line like ;; Signed <email> <signature>. A
signature for a snippet starts ;;; snip <description> and ends with the
signature line. In this fashion, it should be possible to have a file
containing multiple signed snippets as well as a signed file. The Emacs
command would take care of signing with the user's preferred key and
adding the required comment lines.
There would be one signature (if any), per snippet or file, simply
indicating the last person claiming to be responsible for a particular
sha1. If that person is trusted, and the sha1 matches, all is well. This
is not applicable to git controlled files as git already provides a sha1
for the entire repo and allows annotated tags to be signed.
I'd be happy to implement this functionality if it could work. Any
thoughts?
next reply other threads:[~2011-03-09 6:12 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-09 6:12 Joseph Gay [this message]
2011-03-09 15:33 ` convenient digital signing for el files and snippets Ted Zlatanov
2011-03-09 16:27 ` Joseph Gay
2011-03-09 17:43 ` Ted Zlatanov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87k4g83jr6.fsf@geneva.hpsy.me \
--to=gilleylen@gmail.com \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).