emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: convenient digital signing for el files and snippets

From: Joseph Gay
Subject: Re: convenient digital signing for el files and snippets
Date: Wed, 09 Mar 2011 10:27:14 -0600
User-agent: Gnus/5.110014 (No Gnus v0.14) Emacs/23.2 (gnu/linux) 
>Ted Zlatanov <address@hidden> writes:
>
> I think it's better to sign a package than individual files:
> - the package manager can do the verification at install time (once)
>
> - there's already a packaging process which can easily have the extra
>   signing step, and packages have metadata we can use
>
> - signing a package would cover all the files, not just Emacs Lisp
>   files, and would be done just once per package

The file-by-file method is not intended to be ubiquitous. I agree
that for controlled packages, signing at the package level is good.

> - the Emacs Lisp code doesn't have to be polluted by the signing info

For packages and multi-file projects, this is sensible, though I don't
think the pollution factor is too bad:

e.g.

--8<---------------cut here---------------start------------->8---
;;; el-signed by Joseph Gay <address@hidden> :chars 6350
;; -----BEGIN PGP SIGNATURE-----
;; Version: GnuPG v1.4.10 (GNU/Linux)

;; iQEcBAABAgAGBQJNd6afAAoJEHcwDyjz7GfnJ1UIALfxJ6nBRQKxlJybtfX1FgkX
;; ZdLdY87eMoHbpffjHPkklzh2rpW5mLUwdhk1HIdiNMvO50v3xx4kGF8BBdBI1bfP
;; HbibsQzjtKe2Rw9gzjApwurraWbBEmVPP/yRXrPE7ORN0B1Hx/Md+ae4WHzq4Nsg
;; Gy21szGsMM4+X3qVhLB+n8qc6/OT4th/qKZGs+BEEe+uX1d7BdKoZBeDv9Be8t7p
;; QWjS5bGs9+6ghqWdbdkxqXW3r0QL5dqBnjUmV/0ZMXJaryuar35woFRRUVfbk01t
;; 13vHlvbOIGPFvE6lWWIhVWum//TpiMkp6d2s3Bx/jakEW9oo6vMAmu0cDWyx07A=
;; =tvGq
;; -----END PGP SIGNATURE-----
;;; el-sign.el ends here
--8<---------------cut here---------------end--------------->8---

> - older and legacy code doesn't have to be modified to be signed

My concern is the quantity of code on EmacsWiki plus the number of
people still using it. Perhaps this could be a stopgap approach until
ELPA takes over.

This wouldn't affect unsigned code. It would be treated the same as it
is now. Only for things that are signed would there be any potential
benefit (assurance that the signature is trusted and validated).

I have some working code now, so I will look into what it would take to
implement a mechanism for ELPA, assuming that's not already in the
works.

Thanks for your input.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]