From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Leo <sdl.web@gmail.com>
Newsgroups: gmane.emacs.devel
Subject: Re: Suggestion for epa-mail-mode
Date: Wed, 22 Dec 2010 05:39:51 +0000
Message-ID: <m1tyi69xi0.fsf@cam.ac.uk>
References: <E1OdDoO-00062i-K5@fencepost.gnu.org>
	<m3hbjm2aa0.fsf-ueno@unixuser.org>
	<20100726.062715.451057314.wl@gnu.org>
	<m3d3ua24o6.fsf-ueno@unixuser.org> <m18w4ymp8d.fsf@cam.ac.uk>
	<AANLkTimKVZdgTXCvxrUS8oz-Y3kFs94KijyYBGPwjMij@mail.gmail.com>
	<m1sjxsnky6.fsf@cam.ac.uk>
	<AANLkTikF=8qLcQZrGs-1UfoYTCy343atg=3sCt1P=+ea@mail.gmail.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: dough.gmane.org 1292996416 18037 80.91.229.12 (22 Dec 2010 05:40:16 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Wed, 22 Dec 2010 05:40:16 +0000 (UTC)
Cc: Daiki Ueno <ueno@unixuser.org>, rms@gnu.org, emacs-devel@gnu.org
To: ken manheimer <ken.manheimer@gmail.com>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed Dec 22 06:40:11 2010
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1PVHQp-0000I4-Bu
	for ged-emacs-devel@m.gmane.org; Wed, 22 Dec 2010 06:40:11 +0100
Original-Received: from localhost ([127.0.0.1]:40016 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1PVHQo-0000Iq-L6
	for ged-emacs-devel@m.gmane.org; Wed, 22 Dec 2010 00:40:10 -0500
Original-Received: from [140.186.70.92] (port=46254 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PVHQb-0000Ic-Nx
	for emacs-devel@gnu.org; Wed, 22 Dec 2010 00:39:58 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <sdl.web@gmail.com>) id 1PVHQa-0004PJ-EZ
	for emacs-devel@gnu.org; Wed, 22 Dec 2010 00:39:57 -0500
Original-Received: from mail-wy0-f169.google.com ([74.125.82.169]:54317)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <sdl.web@gmail.com>)
	id 1PVHQa-0004Ot-6t; Wed, 22 Dec 2010 00:39:56 -0500
Original-Received: by wyj26 with SMTP id 26so4873573wyj.0
	for <multiple recipients>; Tue, 21 Dec 2010 21:39:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:from:to:cc:subject:references
	:date:in-reply-to:message-id:user-agent:mime-version:content-type;
	bh=/rjYxxStDMhxWQT3SFpcsDPljoOFIFCama1Zj6JF4ko=;
	b=pUTsH4LvS55UZAi5z6wF/Xt+rxmD6pPPcriXt+aEDLX1+kmcW+6ZTq/FClepqz1ZU8
	kS+HhCzPEMi6XcJP/MBKrYzYCsEoHhU0vjc/b5mJF1VZWe8lcV44MTRBSZyGTIiZF/ww
	xH/SsJqjHGuL3urinCjp63+c5qYsTk0KxcNfg=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=from:to:cc:subject:references:date:in-reply-to:message-id
	:user-agent:mime-version:content-type;
	b=qZC9Wp3ZlzfDawj5sooESSzjhSjDPBQONkjRVYxt3XPhLBAs2KTDTfw6DHpkSLiOGe
	gd6p7B0hqlqlfnXdx4Go6YmIbx4AH74vXhTOeRz1eLmVfIQrc0F1alkukfPBsHlhAR9Q
	L8aTrAQnmOFGD0/9G0Tp0eTvrxZjkyl+CpIN4=
Original-Received: by 10.227.60.208 with SMTP id q16mr3992719wbh.184.1292996394964;
	Tue, 21 Dec 2010 21:39:54 -0800 (PST)
Original-Received: from Victoria.local
	(cpc1-cmbg13-0-0-cust596.5-4.cable.virginmedia.com [86.9.122.85])
	by mx.google.com with ESMTPS id m10sm4171186wbc.10.2010.12.21.21.39.53
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Tue, 21 Dec 2010 21:39:53 -0800 (PST)
In-Reply-To: <AANLkTikF=8qLcQZrGs-1UfoYTCy343atg=3sCt1P=+ea@mail.gmail.com>
	(ken manheimer's message of "Mon, 20 Dec 2010 17:52:16 -0500")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2.91 (Mac OS X 10.6.5)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:133890
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/133890>

On 2010-12-20 22:52 +0000, ken manheimer wrote:
> thanks, leo. i'm genuinely sorry it took so long.

Is it? The key is it is done ;)

> in fact, there were some substantial features i had to trade-off in
> the transition. allout is more cumbersome and error-prone for dealing
> with symmetric encodings for numerous encrypted entries in a file,
> because i had to let go of encryption passphrase validation and
> hinting. that comes in exchange for significantly less insecurity due
> to no handling of passphrases in emacs code. instead, as always when
> using epg with GnuPG version 2, all passphrase handling is outside of
> emacs, in gnupg's gpg, gpg-agent, and pinentry, which i expect are
> drastically less vulnerable.
>
> it is for that reason that i was ultimately willing to forego those
> features, though i wish i could have more control without greater
> vulnerability...

Many thanks for the hard work. That looks like good compromise.

> ken

Best,
Leo