[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Add GPG compatible symmetric encryption command
From: |
Ted Zlatanov |
Subject: |
Re: [PATCH] Add GPG compatible symmetric encryption command |
Date: |
Fri, 07 Feb 2014 06:09:05 -0500 |
User-agent: |
Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) |
On Fri, 07 Feb 2014 17:36:32 +0900 Daiki Ueno <address@hidden> wrote:
DU> AFAICS, only real use-case is a symmetric encryption facility without
DU> invoking a subprocess, as Lars said. This patch tries to add a command
DU> for it.
I mentioned many others, and so have other users. I'm sorry if you find
it hard to believe our other use cases.
DU> This is not intended for inclusion (at the moment, at least), but wanted
DU> to show the fact: one would need fair amount of work to implement a
DU> simple and reasonably secure encryption function, even if raw encryption
DU> primitives are available. So, decrypt function is currently missing on
DU> purpose (now that encryption is available, it is not hard to implement -
DU> just do reverse), and not too secure as it uses `random'.
...
DU> This is what I suggested to him before, he agreed, but has never been
DU> realized. To be honest, I doubt that this feature is generally useful
DU> (maybe only Ted and his auth-source.el users are complaining?) and still
DU> prefer EPG because of security, but I'm tired with the repeated
DU> nonsensical discussions with them.
I'm thankful for your attention to users' needs and willingness to try
finding a solution. I wrote similar integration code in my original
libnettle patch and am sure it could use similar thoroughness. I have
no reason to oppose using EPG functions to wrap the crypto primitives.
But I don't see how it affects my request to include the crypto
primitives from GnuTLS/libnettle/libhogweed, since you've already argued
the integration work is hard and needs expert attention. Does your
patch make my request less pertinent?
Sorry if I'm misunderstanding.
Ted