bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#17338: bug#17391: Bug#745553: emacs24-el: mml2015-always-trust shoul

From: Daniel Kahn Gillmor
Subject: bug#17338: bug#17391: Bug#745553: emacs24-el: mml2015-always-trust should default to nil, not t
Date: Thu, 26 Jan 2017 18:17:23 -0500 
On Thu 2017-01-26 14:34:22 -0500, Daiki Ueno wrote:
> Jens Lechtenboerger <jens.lechtenboerger@fsfe.org> writes:
>> The mml code is based on EasyPG by Daiki Ueno (cc’ed).  EasyPG makes
>> use of sub-keys and their IDs for encryption commands, instead of
>> relying on GnuPG’s selections.
>
> It was suggested by Werner to do key selection in Emacs, like GPGME.  I
> don't know whether GPGME changed the logic though.

I don't know what this means -- i don't think that GPGME itself does key
selection.  Can you tell me more?

Presumably users who use emacs with gpg also use gpg with other tools
(possibly even other MUAs), or even gpg on its own.  Collecting key
preference data in multiple places while sharing the underlying key
store seems like a recipe for synchronization problems and confusing
behavior, particularly for folks who don't know how the tools fit
together.


>>> Modern versions of GnuPG also provide a "tofu" mechanism to store and
>>> track that kind of decision in.  Neal Walfield (also cc'ed here) put in
>>> a lot of that implementation, so he might have some suggestions for the
>>> best way to handle it.
>
> I'm afraid I wouldn't do any work toward tofu at this level of quality;
> in particular, until they reach the consensus whether tofu is only
> activated when encryption is triggered by an email address.

I don't think i understand this either.  Can you explain more about what
you need from the GnuPG TOFU code?

Thanks for this discussion, hopefully it'll lead somewhere fruitful.

       --dkg

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]