From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.devel Subject: Re: NaCl support for Emacs (was: GnuTLS for W32) Date: Mon, 09 Jan 2012 19:09:34 +0200 Message-ID: <83vcokerap.fsf@gnu.org> References: <87hb0b3yoe.fsf@lifelogs.com> <6ED011D5-E185-44C6-BB31-A445A4E5F83A@gmail.com> <87wr976otx.fsf@lifelogs.com> <87ipkq6yy5.fsf@lifelogs.com> <87boqi6tzz.fsf@linux-hvfx.site> <87ehve3ul8.fsf@lifelogs.com> <87lipl22xm.fsf@lifelogs.com> <87boqh20ha.fsf@lifelogs.com> <871urc46c9.fsf@uwakimon.sk.tsukuba.ac.jp> <739bsoysp.fsf@news.eternal-september.org> <87ty47r5yt.fsf@lifelogs.com> <87k452p5u3.fsf@lifelogs.com> <87liphne9e.fsf_-_@lifelogs.com> Reply-To: Eli Zaretskii NNTP-Posting-Host: lo.gmane.org X-Trace: dough.gmane.org 1326129045 20554 80.91.229.12 (9 Jan 2012 17:10:45 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Mon, 9 Jan 2012 17:10:45 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Jan 09 18:10:41 2012 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1RkIk4-0003xQ-OE for ged-emacs-devel@m.gmane.org; Mon, 09 Jan 2012 18:10:40 +0100 Original-Received: from localhost ([::1]:56739 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RkIk3-0006dO-KZ for ged-emacs-devel@m.gmane.org; Mon, 09 Jan 2012 12:10:39 -0500 Original-Received: from eggs.gnu.org ([140.186.70.92]:53445) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RkIjw-0006d3-3D for emacs-devel@gnu.org; Mon, 09 Jan 2012 12:10:37 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1RkIjq-0006GR-6X for emacs-devel@gnu.org; Mon, 09 Jan 2012 12:10:32 -0500 Original-Received: from mtaout20.012.net.il ([80.179.55.166]:47946) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RkIjp-0006GM-QT for emacs-devel@gnu.org; Mon, 09 Jan 2012 12:10:26 -0500 Original-Received: from conversion-daemon.a-mtaout20.012.net.il by a-mtaout20.012.net.il (HyperSendmail v2007.08) id <0LXJ00N00JIT0M00@a-mtaout20.012.net.il> for emacs-devel@gnu.org; Mon, 09 Jan 2012 19:09:33 +0200 (IST) Original-Received: from HOME-C4E4A596F7 ([84.229.34.201]) by a-mtaout20.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0LXJ004OVJNW7UA5@a-mtaout20.012.net.il> for emacs-devel@gnu.org; Mon, 09 Jan 2012 19:09:33 +0200 (IST) In-reply-to: <87liphne9e.fsf_-_@lifelogs.com> X-012-Sender: halo1@inter.net.il X-detected-operating-system: by eggs.gnu.org: Solaris 10 (beta) X-Received-From: 80.179.55.166 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:147520 Archived-At: > From: Ted Zlatanov > Date: Mon, 09 Jan 2012 09:26:21 -0500 > > I'm interested in bringing in support for the NaCl cryptographic library > for Emacs, after 24.1 is out. There is info on NaCl here: > > http://nacl.cr.yp.to/index.html Why not libnettle? We already use it, albeit indirectly, because latest versions of GnuTLS depend on it. There's also libgcrypt, which is a dependency of libxml2. If the functionalities are comparable, bringing in yet another, third, dependency of the same kind doesn't make sense, IMO. > My rationale for supporting this library is that it's fast, very simple > on the client side, and provides good security for arbitrary binary > payloads. There are many places within Emacs where that's appropriate, > whereas heavyweight network-oriented security like GnuTLS is either not > appropriate or not usable. An example is EPA/EPG, which currently > relies on the external GPG utility. Emacs could provide similar > functionality (perhaps integrated with EPA/EPG, perhaps standalone) > without relying on external utilities if it has NaCl support. Isn't GPG built on top of a library that itself sits on top of libgcrypt? If so, it would make sense to use these libraries instead of yet another one. With each new external dependency, we (a) increase the number of external know-how needed to maintain Emacs; (b) increase the complexity of building a feature-rich Emacs on anything but the few most popular GNU/Linux systems; and (c) increase the amount of energy Emacs maintainers/contributors need to spend on external projects -- to build them regularly, participate in discussions, contribute patches, etc. I say, let's bring these dependencies and energy spent on other projects to the absolute minimum, and if we already depend on some functionality, even if it isn't the latest and the greatest, let's use it for as long as it satisfies our needs.