From: Ted Zlatanov <tzz@lifelogs.com>
To: emacs-devel@gnu.org
Subject: Re: GPGME
Date: Wed, 29 Jun 2011 06:09:27 -0500 [thread overview]
Message-ID: <87iprosxlk.fsf@lifelogs.com> (raw)
In-Reply-To: 874o39n171.fsf-ueno@unixuser.org
On Wed, 29 Jun 2011 05:36:02 +0900 Daiki Ueno <ueno@unixuser.org> wrote:
DU> Ted Zlatanov <tzz@lifelogs.com> writes:
>> Are there any alternatives? Maybe you remember our discussion years ago
>> about encrypt.el, where I proposed a neutral API with at least some
>> symmetric ciphers implemented in ELisp and C in the Emacs core
>> (essentially what Lars was requesting).
DU> I remember that the problem of encrypt.el was that the data format is
DU> not interoperable and the algorithm used is not interchangeable though
DU> the API might be neutral.
Is that a problem, if the intent is to provide an Emacs facility?
DU> I guess you need a minimal encryption function which employs the
DU> standard GPG message format (RFC4880).
I'm not sure that would benefit any Emacs users since EPA/EPG already
provide so much functionality for this and the GPG message format
doesn't seem to have any obvious benefits for simple data encryption.
>> Could something like that work
>> within the EPA/EPG structure, so some special invocation of
>> `epg-encrypt-string' could bypass the external callout to GPG?
DU> If your statement in <87wrh0fh4g.fsf_-_@lifelogs.com>:
DU> The decoding will happen late, probably in the funcall to obtain the
DU> secret (and it will set some scoped variables to cache the data)
DU> is true, epg-encrypt-string is not necessarily to be optimized in that
DU> way, I think. How about implementing your side first and profiling
DU> before the optimization?
That's not a performance optimization. We decode late to avoid
prompting the user for a passphrase before the password is actually
needed.
I'm asking if, instead of a new package, we can use `epg-encrypt-string'
to provide symmetric encryption without calling GPG externally. It can
provide it in any format and with any symmetric cipher you think would
make sense. But if you don't think so, then we need a new package to
provide that functionality.
DU> One suggestion to reduce the number of calls to epg-encrypt-string is
DU> that, I would suggest encrypt the key name as well. For example,
DU> key1 val1 encrypted hexdata
DU> where hexdata is decrypted to:
DU> key2 val2 key3 val3
But if we do that, we have to decrypt the hexdata in order to know it
has key2 and key3. The benefit of the GPG tokens for netrc field
encryption is that you know all the keys, so you can search for "must
have key X" with confidence, without prompting the user, and without
extra decryption overhead at search time. Obviosly if you search for
"must have key X with value Y" that doesn't work, but typically we don't
encrypt things that we search for. Right now we only encrypt the
password in any case.
Ted
next prev parent reply other threads:[~2011-06-29 11:09 UTC|newest]
Thread overview: 203+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-23 18:54 Emacs RPC Lars Magne Ingebrigtsen
2011-04-24 3:21 ` T.V. Raman
2011-04-24 20:04 ` Richard Stallman
2011-04-24 20:24 ` Lars Magne Ingebrigtsen
2011-04-25 17:55 ` Richard Stallman
2011-05-01 18:53 ` Lars Magne Ingebrigtsen
2011-05-02 2:13 ` Lars Magne Ingebrigtsen
2011-05-02 21:25 ` Chong Yidong
2011-05-02 22:54 ` Lars Magne Ingebrigtsen
2011-04-24 20:26 ` Daniel Colascione
2011-04-25 17:56 ` Richard Stallman
2011-04-24 17:40 ` Chong Yidong
2011-04-24 18:00 ` Lars Magne Ingebrigtsen
2011-04-24 19:56 ` Chong Yidong
2011-04-25 1:21 ` Ted Zlatanov
2011-04-25 1:26 ` Lars Magne Ingebrigtsen
2011-04-25 2:05 ` Ted Zlatanov
2011-04-25 12:57 ` Stefan Monnier
2011-04-25 12:59 ` Stefan Monnier
2011-04-25 17:00 ` Emacs RPC security (was: Emacs RPC) Ted Zlatanov
2011-04-25 17:35 ` Emacs RPC security Stefan Monnier
2011-04-25 18:02 ` Ted Zlatanov
2011-04-25 18:17 ` Daniel Colascione
2011-04-25 19:43 ` Ted Zlatanov
2011-04-25 18:38 ` Stefan Monnier
2011-04-25 18:57 ` Ted Zlatanov
2011-05-01 18:55 ` Lars Magne Ingebrigtsen
2011-05-01 22:02 ` Lars Magne Ingebrigtsen
2011-05-01 22:19 ` Opportunistic STARTTLS in smtpmail.el (was: Emacs RPC security) Lars Magne Ingebrigtsen
2011-05-02 15:20 ` Opportunistic STARTTLS in smtpmail.el James Cloos
2011-05-02 18:52 ` Ted Zlatanov
2011-05-02 18:59 ` Lars Magne Ingebrigtsen
2011-05-02 19:21 ` Ted Zlatanov
2011-05-02 23:36 ` Lars Magne Ingebrigtsen
2011-05-03 0:29 ` Ted Zlatanov
2011-05-03 1:01 ` Lars Magne Ingebrigtsen
2011-05-03 1:22 ` Ted Zlatanov
2011-05-03 22:04 ` Lars Magne Ingebrigtsen
2011-05-04 1:37 ` Ted Zlatanov
2011-05-30 17:45 ` Lars Magne Ingebrigtsen
2011-05-30 18:07 ` Robert Pluim
2011-05-30 18:14 ` Lars Magne Ingebrigtsen
2011-05-30 18:54 ` Robert Pluim
2011-05-30 19:13 ` Stefan Monnier
2011-05-30 19:43 ` Lars Magne Ingebrigtsen
2011-05-30 23:10 ` Lars Magne Ingebrigtsen
2011-05-31 7:11 ` Robert Pluim
2011-05-31 10:13 ` Ted Zlatanov
2011-05-31 18:19 ` Lars Magne Ingebrigtsen
2011-05-31 19:39 ` Ted Zlatanov
2011-05-31 20:32 ` Lars Magne Ingebrigtsen
2011-06-01 0:37 ` Ted Zlatanov
2011-06-01 1:29 ` Stefan Monnier
2011-06-01 2:04 ` Ted Zlatanov
2011-06-01 12:37 ` Stefan Monnier
2011-06-01 13:34 ` Ted Zlatanov
2011-06-01 14:39 ` Stefan Monnier
2011-06-01 15:14 ` Ted Zlatanov
2011-06-02 4:09 ` Stefan Monnier
2011-06-02 8:57 ` Robert Pluim
2011-06-02 11:45 ` Daiki Ueno
2011-06-02 12:24 ` Stefan Monnier
2011-06-02 14:20 ` Ted Zlatanov
2011-06-02 15:03 ` Daiki Ueno
2011-06-02 15:31 ` Ted Zlatanov
2011-06-03 21:54 ` Lars Magne Ingebrigtsen
2011-06-05 15:11 ` netrc field encryption in auth-source (was: Opportunistic STARTTLS in smtpmail.el) Ted Zlatanov
2011-06-26 10:09 ` netrc field encryption in auth-source Lars Magne Ingebrigtsen
2011-06-27 15:43 ` GPGME (was: netrc field encryption in auth-source) Ted Zlatanov
2011-06-27 21:47 ` GPGME Daiki Ueno
2011-06-28 11:56 ` GPGME Ted Zlatanov
2011-06-28 20:36 ` GPGME Daiki Ueno
2011-06-29 8:07 ` secure plist store Daiki Ueno
2011-06-29 8:25 ` Lars Magne Ingebrigtsen
2011-06-29 9:05 ` Daiki Ueno
2011-06-29 10:46 ` Ted Zlatanov
2011-06-29 11:30 ` Daiki Ueno
2011-06-29 12:38 ` Ted Zlatanov
2011-06-29 13:39 ` Daiki Ueno
2011-06-29 10:54 ` Ted Zlatanov
2011-06-29 11:59 ` Daiki Ueno
2011-06-29 12:58 ` Ted Zlatanov
2011-06-29 14:34 ` Ted Zlatanov
2011-06-29 18:31 ` Daiki Ueno
2011-06-30 12:23 ` Ted Zlatanov
2011-06-30 23:10 ` Daiki Ueno
2011-07-01 13:36 ` Ted Zlatanov
2011-06-29 14:37 ` Ted Zlatanov
2011-06-29 14:36 ` Ted Zlatanov
2011-06-30 7:43 ` Daiki Ueno
2011-06-30 12:19 ` Ted Zlatanov
2011-06-30 13:42 ` Daiki Ueno
2011-06-30 14:54 ` Ted Zlatanov
2011-06-30 22:18 ` Daiki Ueno
2011-06-30 22:34 ` Ted Zlatanov
2011-07-01 2:28 ` Daiki Ueno
2011-07-01 13:18 ` Ted Zlatanov
2011-07-03 2:13 ` Daiki Ueno
2011-06-29 11:09 ` Ted Zlatanov [this message]
2011-06-29 13:15 ` GPGME Daiki Ueno
2011-06-29 17:21 ` GPGME Ted Zlatanov
2011-06-29 18:41 ` GPGME Daiki Ueno
2011-06-30 12:46 ` GPGME Ted Zlatanov
2011-06-02 13:09 ` Opportunistic STARTTLS in smtpmail.el Ted Zlatanov
2011-06-02 13:44 ` Daiki Ueno
2011-06-03 21:50 ` Lars Magne Ingebrigtsen
2011-05-31 1:25 ` Stefan Monnier
2011-05-31 18:21 ` Lars Magne Ingebrigtsen
2011-05-31 21:18 ` Stefan Monnier
2011-06-03 21:48 ` Lars Magne Ingebrigtsen
2011-06-05 14:55 ` Ted Zlatanov
2011-06-09 18:02 ` Lars Magne Ingebrigtsen
2011-06-09 21:06 ` Ted Zlatanov
2011-06-10 16:05 ` netrc field encryption in auth-source (was: Opportunistic STARTTLS in smtpmail.el) Ted Zlatanov
2011-06-13 21:47 ` netrc field encryption in auth-source Ted Zlatanov
2011-06-13 22:21 ` Lars Magne Ingebrigtsen
2011-06-15 16:20 ` Lars Magne Ingebrigtsen
2011-06-15 21:21 ` Lars Magne Ingebrigtsen
2011-06-16 3:49 ` Ted Zlatanov
2011-06-16 8:32 ` Robert Pluim
2011-06-16 13:35 ` Ted Zlatanov
2011-06-16 20:28 ` Reiner Steib
2011-06-16 21:05 ` Lars Magne Ingebrigtsen
2011-06-17 1:03 ` should docstrings include all defcustom options? (was: netrc field encryption in auth-source) Ted Zlatanov
2011-06-17 7:17 ` netrc field encryption in auth-source Robert Pluim
2011-06-17 9:32 ` Ted Zlatanov
2011-06-17 9:53 ` Robert Pluim
2011-06-17 10:21 ` Ted Zlatanov
2011-06-21 19:32 ` Lars Magne Ingebrigtsen
2011-06-21 19:51 ` Ted Zlatanov
2011-06-21 20:19 ` Committing new smtpmail.el later tonight (was: netrc field encryption in auth-source) Lars Magne Ingebrigtsen
2011-06-21 21:01 ` Committing new smtpmail.el later tonight Lars Magne Ingebrigtsen
2011-06-21 22:07 ` Antoine Levitt
2011-06-21 22:17 ` Lars Magne Ingebrigtsen
2011-06-21 22:25 ` Antoine Levitt
2011-06-21 22:36 ` Lars Magne Ingebrigtsen
2011-06-21 22:46 ` Lars Magne Ingebrigtsen
2011-06-21 22:57 ` Lars Magne Ingebrigtsen
2011-06-22 9:01 ` Antoine Levitt
2011-06-22 8:27 ` Robert Pluim
2011-06-22 8:30 ` Lars Magne Ingebrigtsen
2011-06-22 8:52 ` Robert Pluim
2011-06-22 9:11 ` Lars Magne Ingebrigtsen
2011-06-22 9:17 ` Lars Magne Ingebrigtsen
2011-06-22 9:34 ` Robert Pluim
2011-06-22 9:41 ` Lars Magne Ingebrigtsen
2011-06-22 14:25 ` Lars Magne Ingebrigtsen
2011-06-22 14:49 ` Lars Magne Ingebrigtsen
2011-06-22 17:45 ` Robert Pluim
2011-06-22 18:48 ` Lars Magne Ingebrigtsen
2011-06-23 8:01 ` Robert Pluim
2011-06-22 15:51 ` Ted Zlatanov
2011-06-22 19:24 ` Lars Magne Ingebrigtsen
2011-06-22 20:27 ` Ted Zlatanov
2011-06-22 20:43 ` Lars Magne Ingebrigtsen
2011-06-22 21:36 ` Ted Zlatanov
2011-06-22 2:52 ` Eli Zaretskii
2011-06-22 14:53 ` Lars Magne Ingebrigtsen
2011-06-22 15:50 ` Robert Pluim
2011-06-22 16:19 ` Eli Zaretskii
2011-06-22 17:16 ` Ted Zlatanov
2011-06-22 19:50 ` Eli Zaretskii
2011-06-22 19:56 ` Lars Magne Ingebrigtsen
2011-06-22 21:32 ` Ted Zlatanov
2011-06-22 20:27 ` Stefan Monnier
2011-06-22 20:38 ` Lars Magne Ingebrigtsen
2011-06-22 20:53 ` Lars Magne Ingebrigtsen
2011-06-22 15:55 ` Ted Zlatanov
2011-06-22 16:51 ` Eli Zaretskii
2011-06-22 15:56 ` Ted Zlatanov
2011-06-30 13:16 ` netrc field encryption in auth-source Ted Zlatanov
2011-06-06 15:06 ` Opportunistic STARTTLS in smtpmail.el Stefan Monnier
2011-06-09 17:56 ` Lars Magne Ingebrigtsen
2011-06-10 20:44 ` Stefan Monnier
2011-05-03 15:20 ` client certs and CRL lists for GnuTLS (was: Opportunistic STARTTLS in smtpmail.el) Ted Zlatanov
2011-05-03 15:25 ` client certs and CRL lists for GnuTLS Lars Magne Ingebrigtsen
2011-05-03 15:47 ` Ted Zlatanov
2011-05-03 21:54 ` Lars Magne Ingebrigtsen
2011-05-04 1:39 ` Ted Zlatanov
2011-05-08 20:59 ` Chong Yidong
2011-05-09 10:52 ` Ted Zlatanov
2011-05-09 15:00 ` Chong Yidong
2011-05-09 15:30 ` Gnus ERT tests inside Emacs (was: client certs and CRL lists for GnuTLS) Ted Zlatanov
2011-05-09 15:46 ` Gnus ERT tests inside Emacs David Engster
2011-05-09 15:58 ` Ted Zlatanov
2011-05-11 21:36 ` Ted Zlatanov
2011-05-02 9:37 ` Emacs RPC security Julien Danjou
2011-05-02 18:57 ` Ted Zlatanov
2011-05-02 19:48 ` Stefan Monnier
2011-05-02 19:56 ` Ted Zlatanov
2011-05-02 22:56 ` Lars Magne Ingebrigtsen
2011-05-03 0:25 ` Ted Zlatanov
2011-05-03 0:51 ` Lars Magne Ingebrigtsen
2011-05-03 1:12 ` Ted Zlatanov
2011-05-03 1:16 ` Lars Magne Ingebrigtsen
2011-05-03 1:27 ` Ted Zlatanov
2011-05-03 1:34 ` Lars Magne Ingebrigtsen
2011-05-03 2:35 ` Stefan Monnier
2011-05-03 6:24 ` Harald Hanche-Olsen
2011-05-03 13:47 ` Stefan Monnier
2011-05-03 0:35 ` Stefan Monnier
2011-04-26 12:13 ` Emacs RPC Sebastian Rose
2011-04-26 13:18 ` Stefan Monnier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87iprosxlk.fsf@lifelogs.com \
--to=tzz@lifelogs.com \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.