From: Ted Zlatanov
Newsgroups: gmane.emacs.devel
Subject: Re: Wherein I argue for the inclusion of libnettle in Emacs 24.5
Date: Wed, 05 Feb 2014 02:00:49 -0500
Message-ID: <87y51qcace.fsf@lifelogs.com>
References: <87ha8f3jt1.fsf@building.gnus.org> <87ppn2qz0f.fsf@building.gnus.org>
To: emacs-devel@gnu.org

On Tue, 04 Feb 2014 21:28:00 -0500 Stefan Monnier wrote:

>> The past few years I've argued for a few, and they've all been "free"

SM> They look free on the surface, but they're not free.

Users' time is not free either. When you make them set up infrastructure, install programs, learn other tools, and so on, that's a burden too, and I think it's dishonest to say only developers' time matters.

You wanted use cases, you got them. At this point your objection to using more of the GnuTLS API seems to be "because I want FFI." You'll get it, and I'll work on it. I just think FFI is the wrong way to bring in the GnuTLS ciphers and hashes.

SM> I want to move this outside the core, specifically so these things can
SM> develop much more rapidly.

Please see my objection to loose coupling of encryption primitives in particular. They are not regular features and they won't change often at all. This is a very low-risk addition to the core.

On Wed, 05 Feb 2014 14:11:59 +0900 Daiki Ueno wrote:

DU> On the other hand, who will trust such encrypting code written by a
DU> guy with no crypto/security background?
...
DU> As far as I know, only projects that have gotten problems with EPG were
DU> written by the same author who never try to understand the concepts of
DU> EPG/GPG and repeatedly pushes his own fancy crypto ideas with
DU> hypothetical use-cases.

Right. Shelling out to an external binary every time you want to verify a package's signature or want to encrypt/decrypt/sign data makes perfect sense. Blindly entering your passphrase in an anonymous popup that says it's from the GnuPG agent is how things are done. Trusting loosely coupled components is standard industry practice. Forcing users to do all of that, or "no encryption for you" is for their own good, on every platform where Emacs runs, from Android to W32 to Mac OS X to many flavors of Unix. Users are just too stupid to decide these things on their own.

Is that how experts with a crypto/security background do it? I'm understanding now.

Ted