From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel,gmane.emacs.gnus.general Subject: Re: encrypt.el in No Gnus 0.7 Date: Fri, 02 Nov 2007 09:08:54 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: References: <87zly3y4ru.fsf@catnip.gol.com> <87odejy30k.fsf@catnip.gol.com> <54a15d860710311830s4fa203e3y53fbd6f51496f007@mail.gmail.com> <54a15d860711010824w6888aafdgb0a0e5d48f6fdebb@mail.gmail.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1194012581 4688 80.91.229.12 (2 Nov 2007 14:09:41 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 2 Nov 2007 14:09:41 +0000 (UTC) Cc: Miles Bader , ding@gnus.org, emacs-devel@gnu.org To: "Daiki Ueno" Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Nov 02 15:09:41 2007 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.50) id 1InxD6-0004fD-PJ for ged-emacs-devel@m.gmane.org; Fri, 02 Nov 2007 15:09:21 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1InxCw-0003kc-Gq for ged-emacs-devel@m.gmane.org; Fri, 02 Nov 2007 10:09:10 -0400 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1InxCs-0003k7-IS for emacs-devel@gnu.org; Fri, 02 Nov 2007 10:09:06 -0400 Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1InxCp-0003ix-JF for emacs-devel@gnu.org; Fri, 02 Nov 2007 10:09:05 -0400 Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1InxCp-0003iu-Av for emacs-devel@gnu.org; Fri, 02 Nov 2007 10:09:03 -0400 Original-Received: from blockstar.com ([170.224.69.95] helo=mail.blockstar.com) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1InxCk-000834-GV; Fri, 02 Nov 2007 10:08:58 -0400 Original-Received: from mungo (c-67-186-103-18.hsd1.il.comcast.net [67.186.103.18]) by mail.blockstar.com (Postfix) with ESMTP id 7AA333F851C; Fri, 2 Nov 2007 07:29:58 -0700 (PDT) X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Followup-To: "Daiki Ueno" , emacs-devel@gnu.org, ding@gnus.org, "Miles Bader" In-Reply-To: <54a15d860711010824w6888aafdgb0a0e5d48f6fdebb@mail.gmail.com> (Daiki Ueno's message of "Fri, 2 Nov 2007 00:24:04 +0900") User-Agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1.50 (darwin) X-detected-kernel: by monty-python.gnu.org: Linux 2.6, seldom 2.4 (older, 4) X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:82353 gmane.emacs.gnus.general:65529 Archived-At: On Fri, 2 Nov 2007 00:24:04 +0900 "Daiki Ueno" wrote: DU> 2007/11/2, Ted Zlatanov : >> On Thu, 1 Nov 2007 10:30:54 +0900 "Daiki Ueno" wrote: DU> epa-file.el in EasyPG can also do that. Have you looked at it? DU> I think it is much easier to use since it does not need elisp setup DU> like encrypt-file-alist. >> >> encrypt-file-alist can be set up via Customize. It's intended as an >> API, however, so I am not concerned about end users too much. DU> I think encrypt-file-alist is too much custamisable since GnuPG DU> records what cipher is used to encrypt in the PGP message. See DU> RFC2440. Again, you're tightly bound to GnuPG. Does EasyPG support arbitrary, user-supplied ciphers? I didn't see that ability. DU> Yes, EasyPG does not (yet) provide a way to specify the cipher DU> algorithm but as I mentioned above we need to specify only the first DU> time. Is it not enough to edit ~/.gnupg/gpg.conf or manually call the DU> gpg command with options? Definitely no. Again, you're tightly bound to GnuPG. Your README says: "EasyPG is an all-in-one GnuPG interface for Emacs. It has two aspects: convenient tools which allow to use GnuPG from Emacs (EasyPG Assistant), and a fully functional interface library to GnuPG (EasyPG Library)." There's nothing wrong with that, but you're entirely dependent on GnuPG to do the encryption and decryption, so you most definitely do not provide the same services as encrypt.el. DU> I also think that your XOR cipher is not a good idea as a fallback DU> algorithm. Have you ever read Simon Singh's "The Code Book"? It's not a fallback, it's an example implementation. I have not read that particular book, but I have studied encryption algorithms in college and have used them at the API level many times since. DU> Yes, EasyPG is a bit complex and invasive. But IMO sometimes DU> usability should be given priority over simplicity & DU> non-invasiveness. >> >> Sure, and that's your choice to make within the EasyPG package, which >> has specific needs. I think an API must be simple an non-invasive, >> though, and encrypt.el is by those standards a better API than >> epa-file.el or any other *crypt* package I've seen. If I'm wrong, >> please tell me. DU> epa-file.el is an *application* not a *libarary* (I'm a bit tired of DU> explanating these difference again and again...). Sorry, but you'll have to be patient with me. I did not get that distinction from the EasyPG docs, perhaps I missed it. DU> epg.el is the library and it provides the API. Since it only DU> accepts string or file for encryption and do not cache passphrase, DU> it is simpler than encrypt.el. We're talking in circles. What you consider simplicity is in fact reliance on an external tool, which handles everything for you. I think encryption and decryption should be possible with an API, without external tools. If we disagree and EasyPG is the only encryption API in Emacs, then I will keep maintaining encrypt.el in the Gnus development tree. Ted