From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel,gmane.emacs.gnus.general Subject: Re: encrypt.el in No Gnus 0.7 Date: Mon, 05 Nov 2007 09:13:47 -0600 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: References: <87zly3y4ru.fsf@catnip.gol.com> <87odejy30k.fsf@catnip.gol.com> <54a15d860710311830s4fa203e3y53fbd6f51496f007@mail.gmail.com> <54a15d860711010824w6888aafdgb0a0e5d48f6fdebb@mail.gmail.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1194275672 15827 80.91.229.12 (5 Nov 2007 15:14:32 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 5 Nov 2007 15:14:32 +0000 (UTC) Cc: miles@gnu.org, ueno@unixuser.org, ding@gnus.org, emacs-devel@gnu.org To: rms@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Nov 05 16:14:34 2007 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.50) id 1Ip3ea-0004ho-4A for ged-emacs-devel@m.gmane.org; Mon, 05 Nov 2007 16:14:16 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Ip3eO-0005dm-VS for ged-emacs-devel@m.gmane.org; Mon, 05 Nov 2007 10:14:04 -0500 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1Ip3eM-0005dg-Cz for emacs-devel@gnu.org; Mon, 05 Nov 2007 10:14:02 -0500 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1Ip3eJ-0005dL-V4 for emacs-devel@gnu.org; Mon, 05 Nov 2007 10:14:01 -0500 Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Ip3eJ-0005dI-Or for emacs-devel@gnu.org; Mon, 05 Nov 2007 10:13:59 -0500 Original-Received: from blockstar.com ([170.224.69.95] helo=mail.blockstar.com) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1Ip3eC-0005eH-NZ; Mon, 05 Nov 2007 10:13:53 -0500 Original-Received: from mungo.local (c-67-186-103-18.hsd1.il.comcast.net [67.186.103.18]) by mail.blockstar.com (Postfix) with ESMTP id 684B23F854C; Mon, 5 Nov 2007 07:35:21 -0800 (PST) X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Followup-To: rms@gnu.org, ueno@unixuser.org, emacs-devel@gnu.org, ding@gnus.org, miles@gnu.org In-Reply-To: (Richard Stallman's message of "Mon, 05 Nov 2007 03:47:04 -0500") User-Agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1.50 (darwin) X-detected-kernel: by monty-python.gnu.org: Linux 2.6, seldom 2.4 (older, 4) X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:82585 gmane.emacs.gnus.general:65554 Archived-At: On Mon, 05 Nov 2007 03:47:04 -0500 Richard Stallman wrote: RS> I just looked at encrypt.el. It appears to support just GnuPG RS> and "Built-in simple XOR". And built-in simple XOR is just an RS> example, not for real use. RS> The idea is to allow users to supply their own ciphers, and to support RS> other external utilities as users find it necessary. RS> It is a sensible feature, but is it worth including in Emacs? I am RS> not convinced this is sufficiently useful to be worth including. In my experience, giving users creative freedom is always worth it. Emacs is built around the idea of letting users do what they want, isn't it? I am surprised you are OK with locking Emacs users into GnuPG, which is nice software but certainly not the only way to do encryption. RS> Is there any sign that users use it? The package was in Gnus, and I don't have bug reports. I have not advertised the library so far, except for brief notes to Gnus users. So I don't have a sample big enough to answer your question. RS> 1) users don't have to install GnuPG to use simple obfuscation ciphers RS> (yes, this is sometimes useful). RS> If you mean Rot13, aren't there other interfaces for that? It seems RS> to me that we don't want to use the same command for Rot13 as we use RS> for GPG, because it is inconvenient to have to select one or the other RS> each time. We want two different commands. I don't mean ROT13 specifically. I keep repeating this: the users will come up with interesting ciphers. Instead of anticipating their needs, the API should support them by being simple and flexible. In any case, the user wouldn't select a cipher each time. The encrypt-find-model function will determine the encryption model, currently from an alist. The user chooses, for example, that ~/.authinfo is encrypted with GnuPG, but ~/emacs/*.el will use cipher X because it's more appropriate. Perhaps cipher X is the XOR cipher because the user is OK with simple obfuscation. RS> 3) other external utilities can be supported. RS> Are there any that are useful to support? I found a few GPL ones (just a sample list) with a simple web search: MCrypt http://mcrypt.sourceforge.net/ AxCrypt http://www.axantum.com/AxCrypt/ ScramDisk 4 Linux http://sourceforge.net/projects/sd4l/ Several steganography tools (hide data inside an image, for example) They all do things GnuPG doesn't as far as I can tell, though some functionality may overlap. RS> 4) ciphers, being Emacs Lisp code, can do almost anything: SSH to a RS> remote machine, use BBDB, use IMAP, use version control... RS> I really don't like the idea of labeling such things as "encryption". External functions may be involved in customizing the encryption process Here are some examples (again, I'd rather let the users implement what they need, this is just my list of things I might find interesting): - use BBDB to store shared keys or public keys - get shared or public keys from an IMAP server (stored in a message) - on a CVS/SVN/etc. checkin/checkout, use another file in the repository to modify the shared key or as the shared key - pure Lisp ciphers for quick experimentation and sharing Ted