Re: pgg symmetric encryption patch

[Simon Josefsson]

Hi.  Thanks for reminding me.  I thought we were waiting for copyright
assignment papers?  Have the FSF received papers for all authors?  The
best way to proceed is to wait for them to arrive, and then send me a
complete patch against the then-current CVS that I can install.  I can
take care of installing it into Gnus CVS as well.

I'm all for relocating pgg.  However, I suggest lisp/pgg/ instead.
The lisp/ directory is pretty large as it is.

Ken Manheimer <address@hidden> writes:

> i just posted a new version of my allout patches which depend on the
> pgg revisions of sascha and mine, so i thought i'd post a query in
> this thread on the status of these patches - the new allout encryption
> features won't work without these pgg refinements in place.  i also
> should mention rms' initiative to relocate pgg to the lisp/ directory,
> since pgg constitutes a facility in its own regard - i'm all for that.
>
> i'm not attaching the pgg changes to this message, but can easily do
> so if needed.
>
> ken
> address@hidden
>
> On 10/12/05, Ken Manheimer <address@hidden> wrote:
>> as threatened, here is a complete patch against the current gnu.org
>> lisp/gnus repository.  i've migrated all the allout encryption
>> functionality to pgg and exercised this stuff pretty substantially,
>> and am very comfortable with the way it works.
>>
>> there are a bunch of fixes, as well as extensions so the passphrases
>> can be managed by the calling functions, as well as refinement of the
>> passphrase caching mechanism (so multiple timeouts don't pileup for a
>> single passphrase - the last one replaces the prior ones).   lotsa
>> goodies.  the patch includes sascha wilde's symmetric-encryption
>> additions - basically, the whole deal.
>>
>> what it does not include is revision of the pgg-pgp.el and pgg-pgp5.el
>> modules, to track changes to the pgg api.  i started in on that, only
>> to discover that they were already broken by the addition of a 'sign'
>> parameter to some of the encryption functions.  there's no way to
>> repair that short of implementing the feature for the other packages,
>> and i'm not in a position to do that.  (plus, i'm not sure i am
>> comfortable with the way it was done for pgg-gpg.)
>>
>> so it looks like pgg-pgp.el and pgg-pgp5.el are disfunctional already,
>> without my changes.  i'm hoping that's not going to prevent the
>> introduction of my changes.
>>
>> i'm going to be heading offline for five days, starting tomorrow, so
>> it'll be a bit before i can respond to questions.  i hope the patch
>> i'm sending (which  includes detaild ChangeLog entries) will be
>> helpful to anyone that wishes to navigate them.
>>
>> and once again, i'm not sure the attachment will be delivered this
>> time.  (it wasn't on a recent try, but then was on a subsequent
>> message.  this is the first awkward gmail bug i've hit...)
>>
>> ken
>> address@hidden
>>
>> On 10/10/05, Ken Manheimer <address@hidden> wrote:
>> > for those of you following the developments at home (:-), here's an
>> > incremental patch on top of what i sent out a few days ago.  i fixed a
>> > small stack of bugs in pgg-gpg.el that settles my complaint about
>> > prompting with the secret key identity, and also filled in a small
>> > oversight in the changes i sent out a few days ago.
>> >
>> > while this could be the last pgg patch, i'm still developing, hence
>> > the incremental.  i plan to send out a full patch when i've finished
>> > transitioning allout to pgg, at which point i expect my mucking with
>> > pgg to be settled.  so, repository maintainers may want to wait for
>> > that, while i'm hoping those actively involved (eg, sascha) will
>> > scrutinize and, ideally, exercise these patches.
>> >
>> > we'll see if the attached patch makes it through this time.  (i
>> > haven't re-attached it, which i think was the problem last time.)  if
>> > not, look forward to a followup...