From: Stefan Monnier <monnier@iro.umontreal.ca>
To: emacs-devel@gnu.org
Subject: Re: Emacs crypto use cases
Date: Mon, 07 Oct 2013 23:02:21 -0400
Message-ID: <jwva9ik5vqw.fsf-monnier+emacs@gnu.org>
In-Reply-To: <87d2ngzlyl.fsf_-_@flea.lifelogs.com> (Ted Zlatanov's message of "Mon, 07 Oct 2013 19:43:14 -0400")

> I can't help the FFI problem,

Can't see why not.  On the contrary, you have a perfect use case for the
FFI, so all you need is to dive in.  The way I suggest to do it
(apparently a path also followed by Jerry James <james@xemacs.org> in
XEmacs) does not require any special knowledge, AFAICT.

Just write a .c file and matching .h that will be included in Emacs and
that describe some functions exported from Emacs to the dynload modules.
Then adjust your libnettle code to use those exported functions instead
of the lisp.h macros.  Then write a bit of package.el code that runs
a C compiler for packages that include such C files.  And finally add
a `dynload' function that uses something along the lines of `dl_open'.

> but you already depend on libgnutls so I don't see what difference it
> makes here.

It means more code, hence more bugs to fix, especially in the long run.
It means more exposed interfaces that we'll have to live with for the
next decades.

Hence the need for "clear and concrete use-case" to justify the investment.

> the Emacs core well.  I will make an effort here to list some use cases,
> but I am positive there will be more as time goes on.  I would
> appreciate it if anyone else interested in this work added their use
> cases or vote of support.

I don't need hypothetical use-cases.  I need concrete ones.

> - symmetric encryption without the burden or risk of shelling out
>   (http://gnutls.org/manual/html_node/Encryption-algorithms-used-in-the-record-layer.html#tab_003aciphers).
>   I would love to use this instead of the painfully heavy GnuPG
>   integration for the symmetric case.

I don't see off hand what would be the benefit: maybe it avoids the
password problems you reported, but IIUC these only affect GPG2, so
there's already an alternative solution which is to use GPG1.
Also, it sounds like it wouldn't immediately give us the ability to
en/decrypt GPG messages, but instead we'd either have to roll our own
format (bad idea), or reimplement some of GPG's code (bad idea).

Better work on trying to solve the password problem either by fixing
GPG2 or by changing the way epg.el uses GPG2.

> - HMAC keyed hashing (http://www.ietf.org/rfc/rfc2104.txt) allowing
>   message authentication with a shared key.  For instance, that would
>   allow the Emacs client and server to authenticate the data they share
>   without a full PPK infrastructure,

Still requires distribution of that shared key, which seems like a pain
compared to simply connecting via SSH.

So, I'll be happy to add such code to GNU ELPA, but for now I don't want
it in Emacs.  Hence the FFI.


        Stefan
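
The HMAC use case quoted in the message above (a shared key authenticating data passed between an Emacs client and server), sketched in Emacs Lisp on top of the built-in `secure-hash`. This is an added example, not code from Emacs or from anyone in this thread; the `my/` function names, the "hex-tag SPACE payload" frame layout and the demo key are assumptions made for illustration.

```elisp
;;; hmac-frame.el --- added illustration -*- lexical-binding: t -*-
;; Not code from Emacs or from this thread; every my/ name is hypothetical.

(defun my/hmac-sha256 (key data)
  "Return the RFC 2104 HMAC-SHA256 of DATA under KEY as 32 raw bytes.
KEY and DATA are text strings; both are encoded as UTF-8 first."
  (let* ((block-size 64)                ; SHA-256 input block size in bytes
         (k (encode-coding-string key 'utf-8 t))
         (d (encode-coding-string data 'utf-8 t))
         ;; A key longer than one block is replaced by its hash.
         (k (if (> (length k) block-size) (secure-hash 'sha256 k nil nil t) k))
         ;; Zero-pad the key to exactly one block.
         (k (concat k (make-string (- block-size (length k)) 0)))
         (pad (lambda (byte)
                (apply #'unibyte-string
                       (mapcar (lambda (b) (logxor b byte)) k))))
         (inner (secure-hash 'sha256 (concat (funcall pad #x36) d) nil nil t)))
    (secure-hash 'sha256 (concat (funcall pad #x5c) inner) nil nil t)))

(defun my/seal (key payload)
  "Return PAYLOAD prefixed with its hex HMAC tag and a space."
  (concat (mapconcat (lambda (b) (format "%02x" b))
                     (my/hmac-sha256 key payload) "")
          " " payload))

(defun my/strings-equal (a b)
  "Compare strings A and B without stopping at the first difference."
  (and (= (length a) (length b))
       (let ((diff 0))
         (dotimes (i (length a))
           (setq diff (logior diff (logxor (aref a i) (aref b i)))))
         (zerop diff))))

(defun my/open (key frame)
  "Return the payload of FRAME if its tag verifies under KEY, else nil."
  (when (string-match "\\`[0-9a-f]\\{64\\} " frame)
    (let ((payload (substring frame (match-end 0))))
      ;; Recompute the frame from the payload and compare it as a whole.
      (and (my/strings-equal frame (my/seal key payload))
           payload))))

;; Constructed demo: the key is a placeholder both sides must already hold.
(let* ((key "constructed-demo-key")
       (frame (my/seal key "(find-file \"notes.org\")")))
  (list (my/open key frame)              ; untampered frame
        (my/open key (concat frame " ")) ; payload altered in transit
        (my/open "another-key" frame)))  ; receiver holds a different key
```

The tag only shows that the sender holds the key: the key still has to reach both sides out of band, which is the distribution cost raised in the reply, and a captured frame can be replayed unless the payload carries a nonce or counter.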


