From: Ted Zlatanov <tzz@lifelogs.com>
Cc: ding@gnus.org
Subject: Re: netrc.el now supports encoded files
Date: Tue, 06 Jan 2004 18:58:42 -0500 [thread overview]
Message-ID: <4nfzesy6h9.fsf@collins.bwh.harvard.edu> (raw)
In-Reply-To: <iluad50bqxj.fsf@latte.josefsson.org> (Simon Josefsson's message of "Wed, 07 Jan 2004 00:25:28 +0100")
On Wed, 07 Jan 2004, jas@extundo.com wrote:
> Perhaps several levels are useful. But none of this is enabled by
> default, is it? I mean, users have to request encryption of
> .authinfo for it to happen, right?
Right, netrc-encrypting-method has to be set to something right now.
> But I'm not sure I see the advantage of b64 over plain-text.
grep -i password /home/*/.??*
would not work, for instance, if trivial obfuscation is applied.
It's better that the user makes the file unreadable to outsiders, but
in reality users don't realize this if it happens.
> Anyway, it sounds more and more like this could be a separate
> package. "encrypt.el" is available, AFAICT. Using various hooks,
> such a package might be able to work without the cooperation of Gnus
> at all. Then you could request automatic encryption/decrypt of
> ~/.newsrc.eld by saying (add-to-list 'encrypt-file-alist
> '("~/.newsrc.eld." gpg-symmetric)) or something like that.
I think cooperation is good. Trying to hide the reality of the
situation - that we're encoding files with external utilities or
internal functions - is sure to cause problems in the long run. I see
it in crypt++.el, and it's not pretty. It interferes with many
packages.
I'd prefer that Gnus use the functions below, which will revert to the
regular Emacs functions unless they see the file in
gnus-encrypt-file-alist as you suggest above. It's sort of a
compromise, but I think trying to be too clever won't work :)
> But that sounds like work, so simply adding gpg support to netrc.el
> might be sufficient.
I think I'd like to start on gnus-encrypt.el. These functions will
be available:
gnus-encrypt-insert-file-contents
gnus-encrypt-write-file-contents
and these variables:
gnus-encrypt-file-alist
The format of that variable: list of filenames or regular expressions
matched with an encrypting/decrypting method. Methods:
'(gpg PUBKEY) ; RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
'(gpg CIPHER) ; 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
'(openssl CIPHER) ; too many to list
'(internal CIPHER) ; rijndael, RC4, XOR, Base64 etc.
What do you think? Any comments before I start coding?
Thanks
Ted
next prev parent reply other threads:[~2004-01-06 23:58 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-01-05 23:22 Ted Zlatanov
2004-01-05 23:34 ` Jesper Harder
2004-01-06 1:02 ` Ted Zlatanov
2004-01-06 0:13 ` Steven E. Harris
2004-01-06 1:01 ` Ted Zlatanov
2004-01-06 21:57 ` Chris Green
2004-01-06 23:00 ` Ted Zlatanov
2004-01-06 23:25 ` Simon Josefsson
2004-01-06 23:58 ` Ted Zlatanov [this message]
2004-01-07 0:09 ` Simon Josefsson
2004-01-07 2:53 ` Lars Magne Ingebrigtsen
2004-01-08 22:03 ` Ted Zlatanov
2004-01-27 19:44 ` Ted Zlatanov
2004-01-07 14:47 ` Chris Green
2004-01-08 20:48 ` Ted Zlatanov
2004-01-06 13:28 ` Simon Josefsson
2004-01-06 19:58 ` Ted Zlatanov
2004-01-06 20:24 ` Simon Josefsson
2004-01-06 20:59 ` Steven E. Harris
2004-01-06 22:00 ` Simon Josefsson
2004-01-06 22:24 ` Simon Josefsson
2004-01-06 22:56 ` Ted Zlatanov
2004-01-06 23:13 ` Ted Zlatanov
2004-01-06 23:35 ` Simon Josefsson
2004-01-06 20:33 ` Simon Josefsson
2004-01-06 23:14 ` Ted Zlatanov
2004-01-06 23:19 ` Richard Hoskins
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4nfzesy6h9.fsf@collins.bwh.harvard.edu \
--to=tzz@lifelogs.com \
--cc=ding@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).