emacs-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lisp/url/url-https.el


From: Ted Zlatanov
Subject: Re: lisp/url/url-https.el
Date: Thu, 15 Apr 2004 11:38:32 -0400
User-agent: Gnus/5.110002 (No Gnus v0.2) Emacs/21.3.50 (usg-unix-v)

On 14 Apr 2004, address@hidden wrote:

> My understanding is that the problems only show up for code that's
> meant specifically for encryption.  So you should be able to provide
> hooks as long as they are not specifically for encryption.

So is gnus-encrypt.el, which will contain empty hooks that the
rest of Gnus uses, a problem?  Or do I have to call it
gnus-file-handlers.el to pretend it's not what it is?

> I know nothing about your specific problem so I'm probably talking
> non-sense, but why should .authinfo and Gnus be so special?
> 
> Can't we write a generic "auto-decrypt-mode" which works similarly
> to auto-compress-mode (or maybe even a patch to auto-compress-mode
> which allows "compression using gpg") ?  This package wouldn't be
> distributable with Emacs but it doesn't have anything specific to do
> with Gnus and can distributed separately (e.g. from a non-US
> location).

crypt++.el does that.  I find it intrusive, not to mention that it
doesn't play nice with many packages (noted as bugs in the comments of
crypt++.el).  I discussed with Karl Berry, who maintains crypt++.el,
and my decision was to write a new package (gencrypt.el) which would
provide what crypt++.el provides, but as functions to be used by other
packages, rather than as a transparent layer on top of all Emacs file
I/O.  I feel that, because of the complexity and variety of
encryption programs and ciphers, a file encryption API is better than
the crypt++.el approach.

> Or maybe we can even make the patch to jka-compr.el generic enough
> (allow "(de)compression with a program that requires interactive
> user input") to make it acceptable for inclusion in Emacs.

Encryption, unfortunately, is not easy to implement correctly.  This
sort of shell pipe could present security risks, for instance, if
done without care.  gencrypt.el will do it properly.

gencrypt.el aims to provide a few pure-Lisp ciphers, as well.  That
would make it useful for those who don't install external encryption
software.

> And then somehow make sure Gnus can be customized to use
> .authinfo.gz (or .authinfo.gpg).

That's the easy part :)

Ted





reply via email to

[Prev in Thread] Current Thread [Next in Thread]